[](https://www.paloaltonetworks.com/?ts=markdown) * CN * [USA (ENGLISH)](https://www.paloaltonetworks.com/) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * CHINA (简体中文) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown) * [资源](https://www.paloaltonetworks.cn/resources?ts=markdown) * [获得支持](https://support.paloaltonetworks.com/support) * [遭遇攻击?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * 产品 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 产品 [人工智能驱动的网络安全平台](https://www.paloaltonetworks.cn/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) * [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown) * [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown) * [医疗物联网安全](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown) * [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown) * [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown) * [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown) * [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown) * [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown) * [企业 DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown) * [Prisma 浏览器](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown) * [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [应用安全](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown) * [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown) * [云运行时安全](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown) * [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.cn/cortex/advanced-email-security?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.cn/cortex/exposure-management?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown) * [托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * 解决方案 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 解决方案 AI 安全 * [安全的人工智能生态系统](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [安全使用 GenAI](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) 网络安全 * [云网络安全](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [数据中心安全](https://www.paloaltonetworks.cn/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [入侵检测和防御](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown) * [5G 安全](https://www.paloaltonetworks.cn/network-security/5g-security?ts=markdown) * [确保所有应用、用户和位置的安全](https://www.paloaltonetworks.cn/sase/secure-users-data-apps-devices?ts=markdown) * [确保分支机构转型的安全](https://www.paloaltonetworks.cn/sase/secure-branch-transformation?ts=markdown) * [确保任何设备上的工作安全](https://www.paloaltonetworks.cn/sase/secure-work-on-any-device?ts=markdown) * [VPN 替代](https://www.paloaltonetworks.cn/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web 和网络钓鱼安全](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) 云安全 * [应用安全态势管理 (ASPM)](https://www.paloaltonetworks.cn/cortex/cloud/application-security-posture-management?ts=markdown) * [软件供应链安全](https://www.paloaltonetworks.cn/cortex/cloud/software-supply-chain-security?ts=markdown) * [代码安全](https://www.paloaltonetworks.cn/cortex/cloud/code-security?ts=markdown) * [云安全态势管理 (CSPM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-security-posture-management?ts=markdown) * [云基础架构权限管理 (CIEM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [数据安全态势管理 (DSPM)](https://www.paloaltonetworks.cn/cortex/cloud/data-security-posture-management?ts=markdown) * [AI 安全态势管理 (AI-SPM)](https://www.paloaltonetworks.cn/cortex/cloud/ai-security-posture-management?ts=markdown) * [云检测与响应 (CDR)](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown) * [云工作负载保护 (CWP)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web 应用及 API 安全 (WAAS)](https://www.paloaltonetworks.cn/cortex/cloud/web-app-api-security?ts=markdown) 安全运营 * [云检测和响应](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown) * [网络安全自动化](https://www.paloaltonetworks.cn/cortex/network-security-automation?ts=markdown) * [事件案例管理](https://www.paloaltonetworks.cn/cortex/incident-case-management?ts=markdown) * [SOC 自动化](https://www.paloaltonetworks.cn/cortex/security-operations-automation?ts=markdown) * [威胁情报管理](https://www.paloaltonetworks.cn/cortex/threat-intel-management?ts=markdown) * [托管的检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [攻击面管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [合规性管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/compliance-management?ts=markdown) * [互联网运营管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/internet-operations-management?ts=markdown) 端点安全 * [端点防护](https://www.paloaltonetworks.cn/cortex/endpoint-protection?ts=markdown) * [扩展的检测和响应](https://www.paloaltonetworks.cn/cortex/detection-and-response?ts=markdown) * [勒索软件防护](https://www.paloaltonetworks.cn/cortex/ransomware-protection?ts=markdown) * [数字取证](https://www.paloaltonetworks.cn/cortex/digital-forensics?ts=markdown) [行业](https://www.paloaltonetworks.cn/industry?ts=markdown) * [公共部门](https://www.paloaltonetworks.com/industry/public-sector) * [金融服务](https://www.paloaltonetworks.com/industry/financial-services) * [制造](https://www.paloaltonetworks.com/industry/manufacturing) * [医疗保健](https://www.paloaltonetworks.com/industry/healthcare) * [中小型企业解决方案](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio) * 服务 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 服务 [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown) * [评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown) * [AI 安全评估](https://www.paloaltonetworks.cn/unit42/assess/ai-security-assessment?ts=markdown) * [攻击面评估](https://www.paloaltonetworks.cn/unit42/assess/attack-surface-assessment?ts=markdown) * [防泄露准备工作审核](https://www.paloaltonetworks.cn/unit42/assess/breach-readiness-review?ts=markdown) * [BEC 准备情况评估](https://www.paloaltonetworks.com/bec-readiness-assessment) * [云安全评估](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment) * [入侵评估](https://www.paloaltonetworks.cn/unit42/assess/compromise-assessment?ts=markdown) * [网络风险评估](https://www.paloaltonetworks.cn/unit42/assess/cyber-risk-assessment?ts=markdown) * [并购网络尽职调查](https://www.paloaltonetworks.cn/unit42/assess/mergers-acquisitions-cyber-due-dilligence?ts=markdown) * [渗透测试](https://www.paloaltonetworks.cn/unit42/assess/penetration-testing?ts=markdown) * [紫队演习](https://www.paloaltonetworks.cn/unit42/assess/purple-teaming?ts=markdown) * [勒索软件就绪评估](https://www.paloaltonetworks.cn/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC 评估](https://www.paloaltonetworks.com/unit42/assess/soc-assessment) * [供应链风险评估](https://www.paloaltonetworks.cn/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [桌面演习](https://www.paloaltonetworks.cn/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * [响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown) * [云事故响应](https://www.paloaltonetworks.cn/unit42/respond/cloud-incident-response?ts=markdown) * [数字取证](https://www.paloaltonetworks.cn/unit42/respond/digital-forensics?ts=markdown) * [事件响应](https://www.paloaltonetworks.cn/unit42/respond/incident-response?ts=markdown) * [托管检测与响应](https://www.paloaltonetworks.cn/unit42/respond/managed-detection-response?ts=markdown) * [托管威胁追踪](https://www.paloaltonetworks.cn/unit42/respond/managed-threat-hunting?ts=markdown) * [托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * [转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown) * [事故响应计划制定与审核](https://www.paloaltonetworks.cn/unit42/transform/incident-response-plan-development-review?ts=markdown) * [安全计划设计](https://www.paloaltonetworks.cn/unit42/transform/security-program-design?ts=markdown) * [虚拟 CISO](https://www.paloaltonetworks.cn/unit42/transform/vciso?ts=markdown) * [零信任咨询](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory) [全球客户服务](https://www.paloaltonetworks.cn/services?ts=markdown) * [教育与培训](https://www.paloaltonetworks.com/services/education) * [专业服务](https://www.paloaltonetworks.com/services/consulting) * [成功工具](https://www.paloaltonetworks.com/services/customer-success-tools) * [支持服务](https://www.paloaltonetworks.com/services/solution-assurance) * [客户成功](https://www.paloaltonetworks.com/services/customer-success) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) Unit 42 顾问人员 为满足企业的需求而定制,您可以选择将顾问人员工时数分配给我们的任意产品,包括主动网络风险管理服务。了解如何一键呼叫世界一流的 Unit 42 事故响应团队。 了解更多](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * 合作伙伴 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 合作伙伴 NextWave 合作伙伴 * [NextWave 合作伙伴社区](https://www.paloaltonetworks.com/partners) * [云服务提供商](https://www.paloaltonetworks.com/partners/nextwave-for-csp) * [全球系统集成商](https://www.paloaltonetworks.com/partners/nextwave-for-gsi) * [技术合作伙伴](https://www.paloaltonetworks.com/partners/technology-partners) * [服务提供商](https://www.paloaltonetworks.com/partners/service-providers) * [解决方案提供商](https://www.paloaltonetworks.com/partners/nextwave-solution-providers) * [托管安全服务提供商](https://www.paloaltonetworks.com/partners/managed-security-service-providers) 采取行动 * [门户网站登录](https://www.paloaltonetworks.com/partners/nextwave-partner-portal) * [管理的服务计划](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program) * [成为合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [请求访问](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [查找合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE 代表了因其安全专业知识而值得信赖的前 1% 的合作伙伴工程师。 了解更多](https://www.paloaltonetworks.com/cyberforce) * 公司 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 公司 Palo Alto Networks * [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown) * [管理团队](https://www.paloaltonetworks.com/about-us/management) * [投资者关系](https://investors.paloaltonetworks.com/) * [地点](https://www.paloaltonetworks.com/about-us/locations) * [道德与合规性](https://www.paloaltonetworks.com/company/ethics-and-compliance) * [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility) * [军人和退伍军人](https://jobs.paloaltonetworks.com/military) [为什么选择 Palo Alto Networks?](https://www.paloaltonetworks.cn/why-paloaltonetworks?ts=markdown) * [Precision AI 安全](https://www.paloaltonetworks.cn/precision-ai-security?ts=markdown) * [我们的平台方法](https://www.paloaltonetworks.cn/why-paloaltonetworks/platformization?ts=markdown) * [加速网络安全转型](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio) * [获得的奖项与表彰](https://www.paloaltonetworks.com/about-us/awards) * [客户案例](https://www.paloaltonetworks.cn/customers?ts=markdown) * [全球认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance) * [全方位信任计划](https://www.paloaltonetworks.com/resources/whitepapers/trust-360) 职业生涯 * [概述](https://jobs.paloaltonetworks.com/) * [文化与福利](https://jobs.paloaltonetworks.com/culture) [《新闻周刊》评选出的最受欢迎的工作场所 善待员工的企业 阅读更多](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021) * 更多内容 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 更多内容 资源 * [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * [Unit 42 威胁研究博客](https://unit42.paloaltonetworks.com/) * [社区](https://www.paloaltonetworks.com/communities) * [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown) * [技术内幕](https://techinsider.paloaltonetworks.com/) * [知识库](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks 频道](https://tv.paloaltonetworks.com/) * [领导者的视角](https://www.paloaltonetworks.com/perspectives/) * [《网络视角》杂志](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine) * [区域云位置](https://www.paloaltonetworks.cn/products/regional-cloud-locations?ts=markdown) * [技术文档](https://docs.paloaltonetworks.com/) * [安全态势评估](https://www.paloaltonetworks.cn/security-posture-assessment?ts=markdown) * [威胁载体播客](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) 联系 * [在线社区](https://live.paloaltonetworks.com/) * [活动资讯](https://events.paloaltonetworks.com/) * [高管简报中心](https://www.paloaltonetworks.com/about-us/executive-briefing-program) * [演示](https://www.paloaltonetworks.cn/demos?ts=markdown) * [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown) [博客 了解行业趋势和全球最大网络安全公司的最新创新 了解更多](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * CN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com/) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * CHINA (简体中文) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown) * [资源](https://www.paloaltonetworks.cn/resources?ts=markdown) * [获得支持](https://support.paloaltonetworks.com/support) * [遭遇攻击?](https://start.paloaltonetworks.com/contact-unit42.html) * [立即开始](https://www.paloaltonetworks.cn/get-started?ts=markdown) 搜索 Close search modal [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown) 2. [Network Security](https://www.paloaltonetworks.com/cyberpedia/network-security?ts=markdown) 3. [什么是入侵防御系统?](https://www.paloaltonetworks.cn/cyberpedia/what-is-an-intrusion-prevention-system-ips?ts=markdown) 目录 * [入侵防御系统如何工作](#how) * [入侵防御系统的类型](#types) * [入侵防御系统的优点](#benefits) * [IPS 的关键特性](#critical) * [用于规避威胁检测的深度学习](#deep) * [入侵防御系统常见问题解答](#faqs) # 什么是入侵防御系统? 目录 * [入侵防御系统如何工作](#how) * [入侵防御系统的类型](#types) * [入侵防御系统的优点](#benefits) * [IPS 的关键特性](#critical) * [用于规避威胁检测的深度学习](#deep) * [入侵防御系统常见问题解答](#faqs) 1. 入侵防御系统如何工作 * [1. 入侵防御系统如何工作](#how) * [2. 入侵防御系统的类型](#types) * [3. 入侵防御系统的优点](#benefits) * [4. IPS 的关键特性](#critical) * [5. 用于规避威胁检测的深度学习](#deep) * [6. 入侵防御系统常见问题解答](#faqs) [IPS 解决方案](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown)在很大程度上实现了自动化,有助于在恶意活动到达其他安全设备或控件之前将其过滤掉。这就减少了安全团队的手动工作量,并允许其他安全产品更有效地执行。 IPS 解决方案在检测和防止漏洞利用方面也非常有效。当发现漏洞时,在应用安全补丁之前通常有一个被利用的机会窗口。这里使用入侵防御系统来快速拦截这些类型的攻击。 IPS 设备最初是在 2000 年代中期作为独立设备构建和发布的。这种功能已经集成到统一威胁管理 (UTM) 解决方案以及[新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown)中。新一代 IPS 解决方案现已连接到基于云的计算和网络服务。 ## 入侵防御系统如何工作 IPS 直接内联放置在源和目标之间的网络流量中。这就是 IPS 与其前身 - 入侵检测系统 (IDS) 的区别。相反,IDS 是一个被动系统,它扫描流量并报告威胁。 这种解决方案通常位于防火墙后面,分析进入网络的所有流量,并在必要时采取自动操作。 这些操作可以包括: * 向管理员发送警报(IDS 中也是一样) * 丢弃恶意数据包 * 拦截来自源地址的流量 * 重置连接 * 配置防火墙,防止未来的攻击 ![Diagram an intrusion prevention system](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-an-ips.png) 作为内联安全组件,IPS 必须能够: * 高效工作,避免网络性能降级 * 快速工作,因为漏洞利用可以近乎实时地发生 * 准确检测和响应,消除威胁和误报(即,合法数据包被误读为威胁)。 为了成功地做到这一点,有多种技术可以用来发现漏洞利用并保护网络免受未经授权的访问。其中包括: * **基于特征的检测** 是一种基于每个漏洞利用代码中唯一可识别模式(或特征)字典的检测方法。当发现漏洞利用时,其特征会被记录下来并存储在不断增长的特征字典中。IPS 的特征检测分为两种类型: * **面向漏洞利用的特征**通过触发特定漏洞利用尝试的独特模式来识别各种漏洞利用。IPS 可以通过在流量流中查找与面向漏洞利用的特征的匹配来识别特定的漏洞利用。 * **面向漏洞的特征**是更广泛的特征,针对的是目标系统中的潜在漏洞。这些特征可以保护网络免受不明身份者的攻击。它们还增加了误报的风险。 * **基于异常的检测**随机抽取网络流量样本,并将其与预先计算的基线性能水平进行比较。当流量活动超出基准性能参数时,IPS 会采取措施。 * **基于策略的检测**要求系统管理员根据企业的安全策略和网络基础设施配置安全策略。如果发生任何违反定义的安全策略的活动,则会触发警报并发送给管理员。 ## 入侵防御系统的类型 IPS 解决方案有多种类型,可针对不同目的进行部署。其中包括: * **基于网络的入侵防御系统 (NIPS)**,安装在战略点以监控所有网络流量并扫描威胁。 * **主机入侵防御系统 (HIPS)**,安装在端点上,仅查看来自该计算机的入站/出站流量。HIPS 通常与 NIPS 结合使用,充当威胁的最后一道防线。 * **网络行为分析 (NBA)** 分析网络流量,检测异常流量并发现新的恶意软件或零日漏洞。 * **无线入侵防御系统 (WIPS)** 扫描 Wi-Fi 网络是否存在未经授权的访问并删除任何未经授权的设备。 ## 入侵防御系统的优点 入侵防御系统具有许多安全优势: * 降低业务风险并提高安全性 * 更好地了解攻击,从而提供更好的保护 * 提高效率,可以检查所有流量是否存在威胁 * 减少管理漏洞和补丁所需的资源 ## IPS 的关键特性 IPS 是防止某些最具威胁性的高级攻击的重要工具。在选择的 IPS 中寻找以下功能: * **IPS 漏洞防护** 应用程序漏洞是泄露、感染和勒索软件攻击生命周期中常见的初始步骤。虽然报告的漏洞数量逐年上升,但攻击者只需利用一个漏洞即可获得企业的访问权限。 Apache Struts、Drupal、远程访问、VPN、Microsoft Exchange、Microsoft SMB、操作系统、浏览器和 IoT 系统等应用程序中的关键漏洞,仍然是针对企业的最主要企图利用漏洞。 漏洞利用和 RDP 入侵是对手进入企业并发起勒索软件攻击的两种主要方式。因此,漏洞保护是安全防护的重要组成部分。 * **反恶意软件保护** 基于流的扫描引擎可检测已知的恶意软件及其未知变体,然后高速内联拦截它们。IPS 和反恶意软件保护通过一项服务解决多个威胁载体。这是从传统供应商那里购买和维护单独的 IPS 产品的便捷替代方案。 * **全面的命令和控制防护** 初次感染后,攻击者通过隐蔽的 C2 通道与主机进行通信。C2 通道用于拉取其他恶意软件、发出进一步指令并窃取数据。 随着 Cobalt Strike 等工具集以及加密或混淆流量的使用越来越多,攻击者更容易创建完全可定制的命令和控制通道。使用传统基于特征的方法无法阻止这些通道。 因此,IPS 解决方案必须具备内联拦截和防止未知 C2 的功能。IPS 解决方案还应检测并阻止可能受到以下威胁的系统的出站 C2 通信: * 已知的恶意软件系列 * Web 外壳 * 远程访问木马 * **自动安全操作** 安全运营团队应该能够快速行动、隔离并实施策略来控制潜在的感染。其中包括更强的安全策略和控制,如自动多因素身份验证。 * **广泛的可视性和精细的控制** 事故响应团队能够立即确定哪些系统受到攻击以及哪些用户可能受到感染,从而受益匪浅。这比根据 IP 地址猜测要有效得多。将应用和用户的策略控制权交给 IT 和安全人员可以大幅简化网络安全策略的创建和管理流程。 * **一致、简化的策略管理** 为了实现全面保护,现代分布式网络需要在以下方面保持一致的策略: * 企业周边 * 数据中心 * 公有云和私有云 * SaaS 应用 * 远程用户。 * **自动化威胁情报** 生成和使用高质量的威胁情报很重要,但自动将情报转化为保护也是必要的。现代 IPS 必须可以自动利用威胁情报跟上攻击的速度。 ## 用于规避威胁检测的深度学习 为了防止复杂的规避威胁增加,入侵防御系统应部署内联深度学习。内联深度学习显著增强了检测能力,无需依赖特征即可准确识别前所未见的恶意流量。 深度学习模型会经历多层分析并在几毫秒内处理数百万个数据点。这些复杂的模式识别系统以无与伦比的准确性分析网络流量活动。这样的系统还可以内联识别未知的恶意流量,误报率极低。这一额外的智能保护层可进一步保护敏感信息并防止可能导致企业瘫痪的攻击。 要了解有关 IPS 解决方案如何在安全基础设施中发挥作用的更多信息,请阅读本文:[Palo Alto Networks 防御入侵的方法](https://start.paloaltonetworks.cn/paloaltonetworks-approach-to-intrusion-prevention-wp.html)。r: [Palo Alto Networks Approach to Intrusion Prevention](https://start.paloaltonetworks.com/paloaltonetworks-approach-to-intrusion-prevention-wp.html). ## 入侵防御系统常见问题解答 ### 入侵防御系统有哪两种主要类型? 入侵防御系统有多种检测恶意活动的方法,但最常用的两种主要方法如下:基于特征的检测和基于统计异常的检测。 ### 使用 IPS 系统有什么优点? 借助 IPS,优点是可以识别恶意活动、记录和报告检测到的威胁,并采取预防措施阻止威胁造成严重损害。 ### 我需要带有 IPS 的防火墙吗? 是的。IPS 之所以必要,部分原因在于它们可以堵住防火墙未堵住的安全漏洞。入侵防御系统的设计目的是在恶意罪犯对系统造成危害之前,检测并拒绝其访问。IPS 是新一代防火墙不可或缺的一部分,可提供急需的附加安全层。 相关内容 [命令和控制详解 命令与控制 (C2) 是威胁行为者在初次利用后用来维持与受感染设备之间通信的一组工具和技术。](https://www.paloaltonetworks.com/cyberpedia/command-and-control-explained) [通过深度学习和机器学习保护您的网络 Palo Alto Networks Advanced Threat Prevention 是首款通过独特的深度学习模型内联阻止未知规避命令和控制的 IPS 解决方案。](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) [了解 Palo Alto Networks 防御入侵的方法 Palo Alto Networks Threat Prevention 超越了传统的入侵防御系统,可以检查所有流量并自动拦截已知威胁。](https://start.paloaltonetworks.cn/paloaltonetworks-approach-to-intrusion-prevention-wp) [了解第一个实时阻止未知 C2 的 IPS Palo Alto Networks Advanced Threat Prevention 通过独特的深度学习和机器学习模型,以内联方式阻止未知的规避命令和控制流量。](https://www.paloaltonetworks.cn/resources/datasheets/advanced-threat-prevention?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=%E4%BB%80%E4%B9%88%E6%98%AF%E5%85%A5%E4%BE%B5%E9%98%B2%E5%BE%A1%E7%B3%BB%E7%BB%9F%EF%BC%9F&body=IPS%20%E8%A7%A3%E5%86%B3%E6%96%B9%E6%A1%88%E5%9C%A8%E6%A3%80%E6%B5%8B%E5%92%8C%E9%98%B2%E6%AD%A2%E6%BC%8F%E6%B4%9E%E5%88%A9%E7%94%A8%E6%96%B9%E9%9D%A2%E4%B9%9F%E9%9D%9E%E5%B8%B8%E6%9C%89%E6%95%88%E3%80%82%E5%BD%93%E5%8F%91%E7%8E%B0%E6%BC%8F%E6%B4%9E%E6%97%B6%EF%BC%8C%E5%9C%A8%E5%BA%94%E7%94%A8%E5%AE%89%E5%85%A8%E8%A1%A5%E4%B8%81%E4%B9%8B%E5%89%8D%E9%80%9A%E5%B8%B8%E6%9C%89%E4%B8%80%E4%B8%AA%E8%A2%AB%E5%88%A9%E7%94%A8%E7%9A%84%E6%9C%BA%E4%BC%9A%E7%AA%97%E5%8F%A3%E3%80%82%E8%BF%99%E9%87%8C%E4%BD%BF%E7%94%A8%E5%85%A5%E4%BE%B5%E9%98%B2%E5%BE%A1%E7%B3%BB%E7%BB%9F%E6%9D%A5%E5%BF%AB%E9%80%9F%E6%8B%A6%E6%88%AA%E8%BF%99%E4%BA%9B%E7%B1%BB%E5%9E%8B%E7%9A%84%E6%94%BB%E5%87%BB%E3%80%82%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-prevention-system-ips) 返回页首 {#footer} ## 产品和服务 * [实时人工智能驱动的网络安全](https://www.paloaltonetworks.cn/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) * [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown) * [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-iot-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown) * [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown) * [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown) * [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown) * [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown) * [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown) * [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown) * [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown) * [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown) * [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown) * [主动评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown) * [事故响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown) * [安全策略转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown) * [发现威胁情报](https://www.paloaltonetworks.cn/unit42/threat-intelligence-partners?ts=markdown) ## 公司 * [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown) * [人才招聘](https://jobs.paloaltonetworks.com/en/) * [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown) * [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility) * [客户](https://www.paloaltonetworks.cn/customers?ts=markdown) * [投资者关系](https://investors.paloaltonetworks.com/) * [位置](https://www.paloaltonetworks.com/about-us/locations) * [新闻资讯](https://www.paloaltonetworks.cn/company/newsroom?ts=markdown) ## 热门链接 * [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * [社区](https://www.paloaltonetworks.com/communities) * [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown) * [网络百科](https://www.paloaltonetworks.com/cyberpedia) * [事件中心](https://events.paloaltonetworks.com/) * [管理电子邮件首选项](https://start.paloaltonetworks.com/preference-center) * [产品清单](https://www.paloaltonetworks.cn/products/products-a-z?ts=markdown) * [产品认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance) * [报告漏洞](https://www.paloaltonetworks.com/security-disclosure) * [网站地图](https://www.paloaltonetworks.cn/sitemap?ts=markdown) * [技术文档](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [请勿出售或分享我的个人信息](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [隐私](https://www.paloaltonetworks.com/legal-notices/privacy) * [信任中心](https://www.paloaltonetworks.com/legal-notices/trust-center) * [使用条款](https://www.paloaltonetworks.com/legal-notices/terms-of-use) * [文档](https://www.paloaltonetworks.com/legal) 版权所有 © 2025 Palo Alto Networks。保留所有权利 * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * CN Select your language