Best Practice Assessment Device

Here you will find content that will no longer be featured across LIVEcommunity. Although the content will soon be retired, it may still be relevant for your needs. For the most accurate and updated information on BPA, please visit the AIOps for NGFW articles.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
About Best Practice Assessment Device

Here you will find content that will no longer be featured across LIVEcommunity. Although the content will soon be retired, it may still be relevant for your needs. For the most accurate and updated information on BPA, please visit the AIOps for NGFW articles.

Content ID - HTTP Partial Response
View full article
Content ID - UDP Content Inspection Queue
View full article
This option should be checked to send the unknown files to wildfire for sandboxing if the file was received on NGFW as part of encrypted traffic.
View full article
Configuration logs provides insight to what configuration changes were made, which admin made the changes, time of the change and so on.
View full article
The data transferred through syslog to a syslog server can be made secure and encrypted by passing the data as transport SSL.
View full article
System logs of a firewall or Panorama are very important in learning about the system health, feature functioning, performance and more.
View full article
Session cookie timeout should be set to sufficient value so the user experience is good and should not prompt the user to login multiple times for user to IP address mapping.
View full article
On the Passive firewall the data links can be set to be physically up in a disabled state if we select the option 'Auto' this will help in bringing up the links quickly in a failover event and reduce the convergence time.
View full article
After recovering from failover the higher priority firewall will resume to be the active or active-primary unit if this option is enabled.
View full article
Server Log Monitor frequency setting ensures firewall will query Windows server security logs for user mapping information at set frequency Server Log Monitor frequency should be set in such a way that it should neither be frequent nor delayed.
View full article
HA Timer settings define the time for exchanging packets such as Hello and Heartbeat packets, also set the times for the HA pair devices before taking an action such as remaining active as in monitor fail hold up time and so on.
View full article
If HA1 and HA1-backup are configured with data plane ports then Heartbeat backup is needed. If Management port is used as HA1 bkup then Heartbeat backup is not needed.
View full article
Admin roles can provide us great customization in providing access to just what is needed and restrict the rest of the services in accessing a firewall or panorama.
View full article
Password profile helps by setting a fixed period for the password to be active and expires after that period.
View full article
Administrator accounts need to be controlled and provided the right and sufficient access to resources as necessary.
View full article
Authentication Settings under Firewall Management is available for authenticating administrators who have external accounts that are not defined in the firewall.
View full article
The Authentication sequence feature helps in falling back to a secondary, tertiary authenticaion system if the primary authentication method fails.
View full article
Antivirus content update frequency should be set to hourly recurrence.
View full article
GlobalProtect Clientless VPN content update has new and updated application signatures to enable Clientless VPN access to common web applications from the GlobalProtect portal.
View full article
GlobalProtect Data file has vendor-specific information for the HIP feature to be accurate and current so the checks can be made effectively and reduce false positives.
View full article
Security first customer: Should do hourly recurrence for download and install action and set threshold to less than 6 hours.
View full article
If the primary HA1 link fails the backup HA1 link communicates the control information to exchange information such as hearbeat, configuration sync, HA state information etc between the HA pair devices.
View full article
This option when enabled makes sure that the configuration is synchronized between the HA pair devices.
View full article
When enabled it monitors the connection stability between the HA pair devices on HA2 connection.
View full article
Session information will be synchronized with the passive device.
View full article
Link monitoring helps the firewall to failover if a physical link or group of links fail.
View full article
This option when enabled makes sure that the configuration is synchronized between the HA pair devices.
View full article
When Path Monitoring is enabled, ensure Path group(s) are defined with either Vwire path, Vlan Path or Virtual router path.
View full article
Authentication Settings under Firewall Management is available for authenticating administrators who have external accounts that are not defined in the firewall.
View full article
Captive Portal Settings should be enabled if Captive portal services are being used.
View full article
  • 94 Posts
  • 218 Subscriptions
Customer Advisories

Your security posture is important to us. If you’re a Palo Alto Networks customer, be sure to login to see the latest critical announcements and updates in our Customer Advisories area.

Learn how to subscribe to and receive email notifications here.

Listen to PANCast

PANCast is a Palo Alto Networks podcast that provides actionable insights to customers, helping you maximize your investment while improving your cybersecurity posture.

Labels
Top Contributors