Expedition was conceived to reduce the time and efforts a security admin needs to improve and optimize their Palo Alto Networks configurations. Following that effort, we have added, within Expedition, support not only to run a BPA analysis if not also be able to remediate some of the failed checks (all related to Device Config) and now integration with the project IronSkillet. https://github.com/PaloAltoNetworks/iron-skillet
A few feature added in the ver 1.1.9 release is the identification of "Ghost" objects which may require special handling based on the configuration file sources.
What are "Ghost" objects Ghost objects are temporary address objects (address objects only) that were learned from the migration of the Security and NAT policies. The ghost objects are displayed under OBJECTS > Address along with a new counter in the project dashboard.
The attached document provides background information on what causes ghost objects and how to mitigate them within a configuration.
This document will discuss the following topics:
What are Ghost objects
Handling of Ghost objects