Integration Partner

Partner Logo

Automate remediation at scale with ExtraHop and Palo Alto Networks.



ExtraHop Reveal(x) integrates with Palo Alto Networks Next-Generation Firewalls and Panorama management center to arm your SecOps team with a powerful arsenal of detection, triggers, and automated remediation so you can confidently secure the perimeter and all lateral network traffic against the most sophisticated cyber threats.

Next-Generation Firewall Policy Enforcement

ExtraHop Reveal(x) integrates with Palo Alto Networks for a three-part security workflow: detection, triggers, and remediation.

ExtraHop automatically detects suspicious activity indicating a compromised device, then extracts all relevant details and adds the device to an address group in a Palo Alto Networks firewall or in Panorama. Next, Palo Alto Networks firewall policies automatically block traffic to and from the compromised device.

Learn about the technical ins and outs of the integration as well as how to implement it in your environment here, or scroll down for information about the critical security use cases supported by ExtraHop + Palo Alto Networks.

Reveal(x) dashboard with Palo Alto Firewall integration

Key Features

Automated threat response

Remediation at scale

Hardened attack surface

Quote Icon

ExtraHop's integration with Palo Alto Networks NGFW and Panorama (Network Security Management) enables complete visibility and unparalleled security across the entire network with cohesive workflow policy management and enforcement at scale.

Use Cases for ExtraHop + Palo Alto Networks

Automated Response

ExtraHop Reveal(x), network traffic analysis for the enterprise, uses real-time traffic data coming over the wire to provide complete lateral (east-west) visibility, detection, and guided investigation. Armed with actionable insight, SecOps teams can detect anomalies and confidently automate remediation through Palo Alto Networks perimeter firewall policy enforcement to prevent potentially disastrous cyber attacks.

Remediation at Scale

ExtraHop Reveal(x) also integrates with Palo Alto Networks Panorama to expand the scaling capability of this killer combo even further. Reveal(x) uniquely scales to process 100Gbps and Petabytes of wire data to match enterprise requirements for analysis at scale. Reveal(x) can send quarantine requests to Panorama and automatically push the updates to groups of managed firewalls in order to enable policy management and enforcement at scale.

Complete Visibility

By combining ExtraHop Reveal(x) with Palo Alto Networks, you'll achieve complete lateral (east-west) and perimeter (north-south) visibility into all network traffic and devices. ExtraHop enables real-time visibility for up to 100,000 endpoints and up to 100Gbps of traffic, automatically discovering, classifying, and mapping every asset, device, and user in your environment.

Hardened Attack Surface

The deep, real-time visibility, threat detection, and automated remediation made possible through this integration help you take a Zero Trust posture on network traffic and devices. Unlike other platforms that merely alert you to possible threats, ExtraHop provides behavioral analytics, breach detection, and automated investigation that persistently inform and improve Palo Alto Networks global firewall policies.

Get the datasheet to get started.

Demo Image

Start the Demo

Stop data exfiltration, insider threats, and more with the full product demo.

Start Demo
Request Free Trial