Announcing AIOps for NGFW 2.5


Palo Alto Networks is proud to announce the availability of AIOps for NGFW 2.5. It helps our customers improve the operational efficiency of managing firewalls from a health and performance point of view, maximize their security posture, and visualize and report the interplay between users, applications, and threats across their entire deployment.

 

Key features in the AIOps for NGFW 2.5 release:

 

Improved Best Practice Assessments

 

AIOps now meets and exceeds all the capabilities of the standalone Best Practice Assessment for NGFW and Panorama tool.

 

This includes:

  • The ability to manually upload Tech Support Files (TSFs), which is particularly useful for NGFWs where telemetry simply cannot be enabled.
  • The telemetry-based “Best Practices” section of AIOps now has full parity with the standalone tool in the number of checks performed, which now stands at over 240.
  • The recommendations provided for Security Alerts now exceed the ones provided by the standalone tool in how detailed and extensive they are, especially when it comes to providing CLI commands for remediation of the alerts.

 


Security Posture Overview 

 

Security Posture Overview is a brand-new feature that allows customers to identify services and features of their NGFWs that are available to them but are not activated or configured, and that would improve their security posture. It further identifies NGFWs where these may be activated and configured, but the configuration does not follow Best Practices. This allows customers to fully leverage the capabilities that they have already licensed. A sense of relevance permeates all three stages. To derive this sense of relevance, AIOps extracts intelligence from the configuration to map user-named zones to predefined network architecture roles.

 

 


 

Dynamic Thresholds

 

Network traffic patterns vary by time of day, day of the week, and so on. With static threshold values, you may get accustomed to ignoring Alerts that you perceive as false alarms, and you might miss an actual Alert that could lead to a business outage.

With Dynamic Thresholds, AIOps automatically adjusts the warning level threshold values by employing ML algorithms that learn the behavior of the underlying metric. As a result, the Alert is generated only when the firewall is experiencing an actual problem. This dramatically reduces the alerts that static threshold values would create because of cyclical behavior, or simply because the normal behavior of the metric sits just above the out-of-the-box static threshold values.

 

 


 

CDL Infrastructure Health

 

The new CDL Infrastructure Health features ensure the CDL Infrastructure is stable and healthy – e.g., on log ingestion, forwarding and retention (to support Log Explore), Compliance, and Threat behavior analysis and trends.



AIOps for NGFW relies on CDL data for many of its analytics features, and ensuring the availability and integrity of that data is key to a well-oiled AIOps for NGFW deployment.

Software Upgrade Recommendation Engine

 

With the new SURE (Software Upgrade Recommendation Engine), AIOps for NGFW 2.5 Premium provides guidance on the software version best suited for your NGFWs based on: 

  • The enabled feature set on the firewall
  • The model of the hardware, and
  • Known vulnerabilities

 


 

Policy Analyzer

 

AIOps for NGFW 2.5 Premium has the new Policy Analyzer, which helps identify errors and misconfigurations in security policies. You can perform this analysis before committing changes to an NGFW’s policy configuration (Pre-Change Policy Analysis) or after the change has already been committed in Panorama (Post-Change Policy Analysis).

 

When the operator receives a new request for a policy change, this feature allows the operator to understand whether the desired outcome of this policy is already met, explicitly refuted, or denied by default.

 

New Threat Insights Dashboard

 

Last but not least, AIOps 2.5 Premium includes a new Threat Insights dashboard, which provides a 360-degree view into all the threats detected in your network across WildFire, Advanced URL Filtering, DNS Security, Advanced Threat Prevention and Enterprise DLP. You can view all impacted users and applications as well as specific rules that are allowing or blocking threats.

 

Check out what else is new and other enhancements by requesting a 90-day trial of AIOps for NGFW Premium.

Have you not activated your free instance of AIOps for NGFW yet? Here’s how.

 
