Prevent Brute Force Attacks

Table of Contents

Customize the Action and Trigger Conditions for a Brute Force Signature

Prevent Brute Force Attacks

Where Can I Use This?	What Do I Need?
Prisma Access (Managed by Strata Cloud Manager) Prisma Access (Managed by Panorama) NGFW (Managed by Strata Cloud Manager) NGFW (Managed by PAN-OS or Panorama) VM-Series CN-Series	Advanced Threat Prevention (for enhanced feature support) or Threat Prevention License

A brute force attack uses a large volume of requests/responses from the same source or destination IP address to break into a system. The attacker employs a trial-and-error method to guess the response to a challenge or a request.

The Vulnerability Protection profile includes signatures to protect against brute force attacks. Each signature has an ID, Threat Name, and Severity and is triggered when a pattern is recorded. The pattern specifies the conditions and interval at which the traffic is identified as a brute-force attack; some signatures are associated with another child signature that is of a lower severity and specifies the pattern to match against. When a pattern matches against the signature or child signature, it triggers the default action for the signature.

To enforce protection:

Attach the Vulnerability Protection profile to a Security policy rule. See Set Up Antivirus, Anti-Spyware, and Vulnerability Protection.
Install content updates that include new signatures to protect against emerging threats for the firewall. See Install Content and Software Updates.

Configure Inline Cloud Analysis

Customize the Action and Trigger Conditions for a Brute Force Signature

Advanced Threat Prevention

Prevent Brute Force Attacks

Advanced Threat Prevention

Prevent Brute Force Attacks

Activation & Onboarding

Next-Generation Firewalls

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

Best Practices