We are excited to announce that the Best Practice Assessment (BPA) will be transitioning to AIOps for NGFW. BPA is a tool that allows users to assess their firewall configuration against best practices, identify gaps that can pose network security risks, and get recommendations to mitigate issues.
While the BPA has proven very useful in helping customers identify and mitigate network security risks, it has some limitations. As security threats become increasingly agile, it becomes more critical than ever to have complete visibility into your security posture at all times. This transition to AIOps for NGFW will allow for several advantages over the current BPA, helping users improve their security and best practice compliance.
Starting July 17, 2023, TSF uploads to the Best Practice Assessment via the Customer Support Portal and Customer Success Site will be disabled. Historical BPA data will be maintained until December 31, 2023.
AIOps for NGFW offers several key advantages over the standalone BPA tool:
All AIOps BPA capabilities (excluding proactive BPA) are available free of charge, in the Free version of AIOps for NGFW.
AIOps for NGFW provides views of your feature adoption and configuration in the Feature Adoption dashboard, helping you understand the effectiveness and usage of your security features.
With the AIOps Best Practices dashboard report, you can continually assess your deployment and identify security misconfigurations.
For failed best practice checks that have CLI remediations available, you can also view and export remediation details via the Best Practices dashboard.
To unlock the full potential of your AIOps adoption and best practices dashboards, we recommend you onboard your devices to AIOps and enable telemetry (PAN-OS 10.0 or higher required). However, if you do not wish to enable telemetry for your devices, you can still upload PAN-OS version 9.1 and higher TSFs to AIOps via the On-Demand workflow, and generate adoption and best practices reports.
Additionally, AIOps for NGFW also generates security alerts for your Panorama device groups and template stacks that are failing best practices, helping you understand the most critical issues impacting your security posture and prioritize what to fix.
If you’re new to AIOps for NGFW, first activate your free AIOps for NGFW instance on the Hub.
Next, onboard your devices to AIOps for NGFW with telemetry enabled (PAN-OS 10.0 or higher required) to start generating daily adoption and best practice dashboard views, as well as security alerts for Panorama configuration.
If you do not wish to enable telemetry for your devices, you can upload PAN-OS 9.1 or higher TSFs via our On-Demand BPA workflow to generate adoption and best practices reports right away, no telemetry required.
Check out this demo, which walks through the best practice features available in AIOps for NGFW as part of this transition.
For more information about AIOps for NGFW, check out our AIOps for NGFW LIVEcommunity and TechDocs resources, or reach out to your PANW sales teams today.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| Subject | Likes |
|---|---|
| 5 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
