- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-25-2022 09:58 AM - edited 06-10-2022 01:45 PM
Configuration Wizard
Additional Best Practice Check Support
(Version 1.3.0)
This document provides detail on an additional BPA check that was recently added into Configuration Wizard.
Before we get into details we would like to provide a quick overview of Configuration Wizard. It’s a step-by-step configuration wizard that provides an intuitive, easy-to-use interface to configure firewalls to align with best practices. The Configuration Wizard takes the results of the BPA report and expedites the remediation process by outputting commands that can be easily pasted into any instance of PAN-OS and committed. This helps to configure their firewalls using existing applications and capabilities to properly secure their network.
Benefits of BPA+ include:
Best Practice Check available in Version 1.3.0
Category |
BPA Checks |
Device |
Script File Size Limit |
Script File Size Limit
The file size for script files should be set so all script files that pass through the firewall are sent to WildFire for inspection. The best practice assessment check ensures the file size limit for script files is set to 20KB.
As each firewall model has a different disk buffer size for forwarding to sandbox, increasing the maximum script file size limit may affect forwarding capacity in terms of the number of files the firewall can forward. So it’s possible that not all files would be forwarded to WildFire if multiple big zero-day files are processed at same time. You can tune the maximum size setting and observe whether there’s enough buffer space to handle a higher limit.
Feedback? contact us at bpaplus@paloaltonetworks.com