https://live.paloaltonetworks.com/t5/advanced-threat-prevention/translate-suricata-ips-signatures-into-custom-palo-alto-networks/m-p/1000234#M2399 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/471797567">@kvarshney</a>&nbsp;,</P> <P>&nbsp;</P> <P>Great explanation in the video !</P> <P>&nbsp;</P> <P>Thanks,</P> <P>-Kim.</P> Tue, 07 Jan 2025 08:24:49 GMT kiwi 2025-01-07T08:24:49Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/translate-suricata-ips-signatures-into-custom-palo-alto-networks/m-p/1000206#M2398 <P><STRONG>Threat Prevention</STRONG><SPAN>&nbsp;goes beyond a typical intrusion prevention system (IPS) to inspect all traffic for threats (regardless of port, protocol, or encryption), and automatically blocks known vulnerabilities, malware, exploits, spyware, and command-and-control. Customers can easily automate workflows to rapidly <STRONG>apply IPS signatures in popular formats such as Snort and Suricata</STRONG>, and take advantage of our enhanced threat coverage</SPAN><STRONG>.&nbsp;</STRONG></P> <P>&nbsp;</P> <P>Suricata is an open-source intrusion detection system developed by the Open Information Security Foundation. It can identify complex malicious patterns in network traffic using customizable rules, and therefore it is able to detect sophisticated attacks beyond basic signature-based detection.&nbsp;</P> <P>&nbsp;</P> <P>Suricata is supported by a large community contributing to its development.&nbsp; Therefore, Suricata is used by many organizations as a <STRONG>complementary</STRONG> security tool to create <STRONG>custom signatures, which are tailored to their environment.&nbsp;</STRONG></P> <P>&nbsp;</P> <P>Being an open source tool, it can be easily <STRONG>integrated</STRONG> into Palo Alto Networks next gen firewalls, using <STRONG>Panorama version 10.0 or higher.</STRONG></P> <P>Let us review the process of signature conversion, which is a 3-step process.&nbsp;</P> <UL> <LI style="font-weight: 400;" aria-level="1">Install or update the latest <STRONG>IPS Signature Converter</STRONG> plugin for Panorama.</LI> </UL> <UL> <LI style="font-weight: 400;" aria-level="1"><STRONG>Upload</STRONG> and <STRONG>convert</STRONG> Suricata signatures into the <STRONG>custom threat signatures</STRONG>.&nbsp;</LI> </UL> <UL> <LI style="font-weight: 400;" aria-level="1"><STRONG>Import</STRONG> them into Panorama, and finally push these to your device group.</LI> </UL> <P>Let us dive directly into this <STRONG><A href="https://youtu.be/wA9J01LqbRk" target="_blank" rel="noopener">3-steps demo</A></STRONG> …</P> <P>&nbsp;</P> Mon, 06 Jan 2025 23:55:47 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/translate-suricata-ips-signatures-into-custom-palo-alto-networks/m-p/1000206#M2398 kvarshney 2025-01-06T23:55:47Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/translate-suricata-ips-signatures-into-custom-palo-alto-networks/m-p/1000234#M2399 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/471797567">@kvarshney</a>&nbsp;,</P> <P>&nbsp;</P> <P>Great explanation in the video !</P> <P>&nbsp;</P> <P>Thanks,</P> <P>-Kim.</P> Tue, 07 Jan 2025 08:24:49 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/translate-suricata-ips-signatures-into-custom-palo-alto-networks/m-p/1000234#M2399 kiwi 2025-01-07T08:24:49Z