NSFOCUS Threat Intelligence integrates with Palo Alto Networks Next-Generation Firewall, enabling actionable threat intelligence for customers

Posted by Admin, 12-04-2018

NSFOCUS and Palo Alto Networks combined Threat Intelligence Service and Next-Generation Firewall to provide complete visibility into the global threat landscape


SINGAPORE, April 12, 2018 – NSFOCUS, the leader in holistic hybrid security solutions, and Ingram Micro, the premier go-to-market security Value Added Distributor for both NSFOCUS and Palo Alto Networks in the Asia Pacific, are now offering NSFOCUS Threat Intelligence (NTI) together with the Palo Alto Networks Next-Generation Firewall. The combined offering, which will be distributed by Ingram Micro, provides complete visibility into the global threat landscape, including mainland China and APAC, for dynamic threat prevention. Palo Alto customers will benefit from an enhanced threat intelligence capability that minimizes risk and improves overall security posture. As the common go-to-market Value Added Distributor for both NSFOCUS and Palo Alto Networks, the solution will be distributed by Ingram Micro.

The Palo Alto Networks next-generation firewalls are architected to safely enable applications on the internet and protect them from modern threats by incorporating threat intel data from several sources. However, recent research indicates that up to 40% of all internet attacks originate from or are channeled through mainland China. The NSFOCUS Threat Intelligence (NTI) data feed subscriptions will help close this cyber-threat hole by augmenting the default Palo Alto feeds with threat intelligence covering mainland China and APAC.

NSFOCUS TI integrates with Palo Alto Firewalls using an API Connector. This allows NTI data to be intelligently combined with the Palo Alto Networks AutoFocus™ contextual threat intelligence service.  AutoFocus identifies and contextualizes the most virulent threats that Palo Alto customers are exposed to, including malicious actor, malware family, and campaign. Now, it can add context to attacks originating from mainland China and APAC.

Recent reports have indicated that exploits discovered in mainland China and APAC can take days, weeks, or even months before they are replicated elsewhere. NSFOCUS is the only company that can provide insight from mainland China, APAC, and other parts of the world, making it uniquely qualified to help mitigate these risks before they escalate. With more than 8,000 active customers, 12,000 network sensors, extensive honeypots worldwide, over 700G of data collected daily, and visibility into 400 million endpoints, NSFOCUS’ suite of Threat Intelligence solutions helps organizations get ahead of future attacks by implementing countermeasures quickly to protect critical assets.

“By integrating our NTI feeds with Palo Alto Networks Firewalls, users now have a comprehensive solution that includes threat intelligence from countries spanning the globe, delivering a real edge in the data security arena. Implementing a holistic, intelligence-driven solution with true global insight can help security teams to understand strategic and tactical intelligence – not just data - to take immediate action on the threats to their business,” said Attley Ng, Senior Vice President of Asia Pacific Japan at NSFOCUS. “Our worldwide team of researchers and engineers work around the clock to help customers gain visibility and context to effectively respond to threats, both known and unknown,” he said.

Francis Choo, Vice President & Chief Country Executive of Ingram Micro commented, “NSFOCUS is one of the few companies that can provide global threat intelligence, making them uniquely qualified to help mitigate these risks before they escalate. The combined offering from NSFOCUS and Palo Alto Networks allows our customers to better defend against threat actors from across the globe and results in an improvement in coverage versus the default set of feeds.  We believe the new offering will help enhanced security with minimal additional expenditure and provide a significant improvement in our customers’ security posture.”

Subscribing to NSFOCUS Threat Intelligence Feeds instantly adds these capabilities to any Palo Alto firewall:

  • Verify known malicious addresses from mainland China and APAC
  • Detect unknown or suspicious activities originating from mainland China and APAC
  • Ability to detect when internal protected assets are contacting Chinese Command and Control servers

NSFOCUS’ Threat Intelligence Feed includes:

  • Synthesis of over 700GB per day of known malicious mainland Chinese and APAC activity from our vast sensor network composed of firewalls, anti-DDoS, endpoints, honeypots, Intrusion Detection Systems, and Web Application Firewalls fed to a Palo Alto firewall every few hours
  • Updating dynamic lists throughout the day to prevent malicious connections to or from protected assets
  • Access to the NTI portal to conduct forensic analysis of events and exposed asset analysis of IPs on the internet.

Palo Alto customers are now protected against otherwise unknown malicious IPs and URLs coming from mainland China, providing clarity and minimizing impacts from malicious traffic, leading to a considerable improvement in your organization’s security posture.

To learn more about NSFOCUS’ approach to threat intelligence, visit http://staging.nsfocusglobal.com/threat-intelligence/


About Ingram Micro Inc.

Ingram Micro helps businesses Realize the Promise of Technology™. It delivers a full spectrum of global technology and supply chain services to businesses around the world. Deep expertise in technology solutions, mobility, cloud, and supply chain solutions enables its business partners to operate efficiently and successfully in the markets they serve. Unrivaled agility, deep market insights and the trust and dependability that come from decades of proven relationships, set Ingram Micro apart and ahead. More at www.ingrammicro.com.


NSFOCUS IB is a wholly owned subsidiary of NSFOCUS, an award-winning enterprise application, and network security provider, with operations in the Americas, Europe, the Middle East and the Asia Pacific. NSFOCUS IB has a proven track record of combatting the increasingly complex cyber threat landscape through the construction and implementation of multi-layered defense systems. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide unified, dynamic protection from advanced cyber threats.

NSFOCUS has sixteen years of success and experience working with Fortune 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS IB has technology and channel partners in more than 60 countries and is a winner of the Microsoft Bug Bounty Program for 5 consecutive years, a member of the Microsoft Active Protections Program (MAPP), StopBadware.org, and the Cloud Security Alliance (CSA).

Enterprise- and carrier-grade products undergo a rigorous evaluation and testing of Veracode VL4 and ISO 27001 certification, delivering powerful and effective threat management combined with advanced data analytics and intrusion prevention and detection capabilities.

A research arm, the NSFOCUS Security Labs, is a renowned technical research center that tracks and analyzes global intelligence while identifying new network vulnerabilities and security trends.