on 08-15-201803:37 PM - last edited on 12-28-201805:40 PM by ploera
Palo Alto Networks Live Community reveals new Traps Management service updates for August in this new post by our community professionals. Read enhancements for Traps, find the release notes, and look over the new updated features. Join the discussion today and the information you need on Live Community.
The Traps team has been busy with updates and enhancements for Traps management service for August.
The Dashboard has been enhanced to streamline endpoint and security event management. From the Dashboard, you can now jump to a filtered list of endpoints that share any of the following characteristics—platform, content update status (latest or outdated), and license status (view a list of all licensed endpoints). For security events, you can also jump to filtered lists of unresolved events by severity. The Dashboard quick links enable you to quickly identify endpoints for which administrative action may be required.
Enhanced Endpoint Filters
To refine the number of endpoints on the Endpoints page, you can now apply new endpoint search filters:
Agent Version – Filters all endpoints for specific agent versions. Using this filter, you can quickly identify all endpoints running older Traps versions and upgrade them to the latest Traps version, ensuring the endpoint takes advantage of the latest security policy and Traps features.
Content Version – Filters all endpoints for specific content update versions. This filter provides visibility into which endpoints are using older content versions and may require manual remediation.
You can also search for a full or partial version in the drop down for each filter. The Traps management service evaluates multiple selections within a filter using an OR operator and across different filter types using an AND operator.
Security Event Search by Event ID
If you already know the unique Event ID for a security event, you can now use that ID to quickly locate a security event. To filter security events for an Event ID, you must enter the complete ID value.
Hash Exceptions Search
To quickly locate a hash exception, you can now search hash exceptions using the complete SHA256 value.
Process Exceptions Assignment Enhancement
To quickly configure process exceptions for select endpoints, you can now assign process exceptions to endpoint groups, AD groups, and AD organizational units (OU). Process exceptions will apply only to the platform type specified in the exception. In addition, in the case of AD objects that specify users and endpoints, a process exception will apply only on endpoints.
For more information onTraps management service release info, please see therelease notespage here: