Announcing New AIOps Alerts for PAN-OS Certificates Expiration
In our commitment to bolstering network security, we're excited to announce a significant enhancement to our Strata Cloud Manager platform. This update, to be released later this week, specifically addresses the critical issue of PAN-OS root and default certificate expiration.
- The Problem: PAN-OS Certificate Expiration
The upcoming December 31, 2023, expiration of key certificates in Palo Alto Networks firewalls and PAN-OS software is a pressing concern. The expiry of these certificates threatens to disrupt service and compromise security controls across a wide range of devices. This issue presents itself in two distinct scenarios:
- Data Redistribution Certificate Expiration (Scenario 1): Involves certificates that facilitate the sharing of information (like User-ID and IP-tags) among PAN devices.
- Content Update Certificate Expiration (Scenario 2): Concerns the certificate that validates the authenticity of content updates, crucial for detecting new threats and applications.
For more detailed information, visit this LIVEcommunity post.
- The Value of AIOps: Precise Detection and Tailored Recommendations
To address these issues, AIOps Free and Strata Cloud Manager with AIOps Premium license will deliver two specific alerts:
- Alert for Data Redistribution Certificate Expiration (Scenario 1):
- Detection: The alert targets devices using Data Redistribution services. It checks whether the device's software version matches the target upgrade versions, verifies enabled data redistribution features, and confirms that custom certificates are not being used.
- Recommendations: The alert advises on upgrading firewalls and Panorama appliances or deploying custom certificates where necessary, providing specific steps tailored to the device's configuration.
- Alert for Content Update Certificate Expiration (Scenario 2):
- Detection: This alert is broader, focusing on devices’ ability to verify content updates. It triggers when devices are not running the target software versions, have outdated Apps and Threat content, lack a valid device certificate, or use specific security subscriptions
- Recommendations: It recommends updating content versions, upgrading devices, or enabling device certificates. The alert provides detailed steps to ensure the device continues to receive and implement crucial content updates.
Both alerts utilize a comprehensive approach that includes analyzing the device's software status, security subscriptions, and overall configuration to provide the most accurate and helpful recommendations.
Here is a video showing both alerts in the product:
3. The Strata Cloud Manager Approach
Our Strata Cloud Manager platform employs, in its AIOps features, advanced analytics, encompassing feature extraction and sophisticated data analysis. This approach ensures that alerts are not only based on software versions but also consider a wider array of device-specific attributes and configurations. This results in more precise issue detection and more relevant recommendations for each unique scenario.
4. Call to Action
To benefit from these advanced features, we urge all customers to enable telemetry and activate AIOps Free or the AIOps Premium License for Strata Cloud Manager on their devices. This proactive engagement is crucial for timely and effective management of network security issues.
5. Additional Reading and Resources
For more in-depth information on this issue and how to address it, we recommend the following resources:
By engaging with these new AIOps alerts, you can effectively navigate these challenges and maintain a robust and secure network. Stay informed and prepared for continuous advancements in network security solutions.
