
Tech Docs: Traps v3.4 Has Arrived



Hate your antivirus (AV) solution? You are in luck! Earlier this month we announced Traps v3.4, the next step in the evolution to replace traditional antivirus software.

This release includes several major features that enable you to take the plunge to eliminate traditional antivirus.


Trusted Signers

To ensure your legitimate files are never prevented from executing on the endpoint, Traps advanced endpoint protection now evaluates whether files are signed by a trusted signer. The list of trusted signers is based on the official trusted signer list in WildFire. That means executable files that are signed by trusted signers are exempt from additional analysis and verdict evaluation. This feature is useful in situations where unknown executable files, such as new software updates for the operating system or for applications, are signed by a trusted signer but have not yet been analyzed by WildFire.

Local Analysis

Local analysis uses a statistical model that was developed using machine learning on WildFire threat intelligence. Traps uses local analysis to examine hundreds of characteristics associated with an unknown executable file to determine if the file is likely to be malware. With this feature, Traps quickly analyzes and assigns a local verdict to an unknown executable file when the endpoint is offline or while waiting for the official verdict from WildFire. Traps continues to use the local verdict to block or allow the execution of the unknown executable file until the agent receives an updated verdict from the ESM Server.

Malware Remediation

Traps now takes malware protection one step further with a new capability to transparently quarantine malicious executable files on the endpoint. To determine if an executable file is malicious and should be quarantined, Traps uses information from the following sources: WildFire threat intelligence, local analysis, and hash control policy. When malware is identified, Traps notifies the user about the quarantined file (if you enabled user alerts), removes the malware from the local folder or removable hard drive, and stores the file in a local quarantine folder. With this feature, you can also restore a quarantined file to its original location.

Want More?

Here are a few resources to add to your Traps v3.4 reading list!

  • New Features Guide: Your go-to resource for all the new features in Traps v3.4.
  • Administrator’s Guide: Contains installation procedures and configuration workflows to get you up and running quickly.
  • Release Notes: Provides important information about the Traps advanced endpoint protection v3.4 software including known issues and limitations.

Pro tip: On the documentation search, use the facet to filter results for only documentation about Traps v3.4.

[Palo Alto Networks Research Center]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in the ICT/Cybersecurity industry in various sectors & positions.
