Configuration Wizard Additional Best Practice Checks Support (Version 1.4.0)

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
L4 Transporter
No ratings


Configuration Wizard 

Additional Best Practice Checks Support

(Version 1.4.0)



This document provides detail on additional BPA checks that were recently added into Configuration Wizard. 

 

Before we get into details we would like to provide a quick overview of Configuration Wizard. It’s a step-by-step configuration wizard that provides an intuitive, easy-to-use interface to configure firewalls to align with best practices. The Configuration Wizard takes the results of the BPA report and expedites the remediation process by outputting commands that can be easily pasted into any instance of PAN-OS and committed.  This helps to configure their firewalls using existing applications and capabilities to properly secure their network.  

 

Benefits of Configuration Wizard include:

 

  • Improved Security Posture - Ensure expert best practices are being adhered to.
  • Quick & Easy - Deploy and implement best practices easily with the configuration wizard. 
  • Maximize Return on Investment - Get the most out of NGFW features with best-practice configurations.



Best Practice Checks that can be remediate with Configuration Wizard

 

Category

BPA Checks

Device

PE File Size Limit

PDF File Size Limit

MacOSX File Size Limit

APK File Size Limit

Archive File Size Limit

Flash File Size Limit

Jar File Size Limit

Linux File Size Limit

MS Office File Size Limit



PE File Size Limit

 

The file size for PE files should be set so all PE files that pass through the firewall are sent to WildFire for inspection. Each firewall model has a different disk buffer size for forwarding to sandbox, increasing the maximum PE file size limit may affect forwarding capacity in terms of the number of files the firewall can forward. 

 

It is possible that not all files would be forwarded to WildFire if multiple bug zero-day files are processed at the same time. You can tune the maximum size setting and observe whether there’s enough buffer space to handle a higher limit. The Best practice assessment check ensures the file size limit for PE files is set to 16MB.



PDF File Size Limit

 

The maximum file size for PDF files should be set so all PDF files that pass through the firewall are sent to WildFire for inspection. Each firewall model has a different disk buffer size for forwarding to sandbox, increasing the maximum PE file size limit may affect forwarding capacity in terms of the number of files the firewall can forward. 

 

It is possible that not all files would be forwarded to WildFire if multiple bug zero-day files are processed at the same time. You can tune the maximum size setting and observe whether there’s enough buffer space to handle a higher limit. The Best practice assessment check ensures the PDF file size is set at 3,072KB.




MacOSX File Size Limit

 

Set the file size for "MacOSX" files to 10 MB so all MacOSX files that pass through the firewall are sent to WildFire for inspection. Because each firewall model has a different disk buffer size for forwarding to sandbox, increasing the maximum MacOSX file size limit may affect forwarding capacity in terms of the number of files the firewall can forward, so it's possible that not all files would be forwarded to WildFire if multiple big zero-day files are processed at same time. 

 

You can tune the maximum size setting and observe whether there's enough buffer space to handle a higher limit.




APK File Size Limit

 

Set the file size for APK files to 10 MB so all APK files that pass through the firewall are sent to WildFire for inspection. Because each firewall model has a different disk buffer size for forwarding to sandbox, increasing the maximum APK file size limit may affect forwarding capacity in terms of the number of files the firewall can forward, so it's possible that not all files would be forwarded to WildFire if multiple big zero-day files are processed at same time. You can tune the maximum size setting and observe whether there's enough buffer space to handle a higher limit.




Archive File Size Limit

 

Set the maximum file size for archive files to 50 MB so all archive files that pass through the firewall are sent to WildFire for inspection. Because each firewall model has a different disk buffer size, increasing the maximum archive file size limit may affect forwarding capacity in terms of the number of files the firewall can forward, so it's possible that not all files would be forwarded to WildFire if multiple big zero-day files are processed at same time. You can tune the maximum size setting and observe whether there's enough buffer space to handle a higher limit.



Flash File Size Limit

 

Set the file size for "flash" files to 5 MB so all flash files that pass through the firewall are sent to WildFire for inspection. Because each firewall model has a different disk buffer size for forwarding to sandbox, increasing the maximum flash file size limit may affect forwarding capacity in terms of the number of files the firewall can forward, so it's possible that not all files would be forwarded to WildFire if multiple big zero-day files are processed at same time. You can tune the maximum size setting and observe whether there's enough buffer space to handle a higher limit.




Jar File Size Limit

 

Set the file size for "jar" files to 5 MB so all jar files that pass through the firewall are sent to WildFire for inspection. Because each firewall model has a different disk buffer size for forwarding to sandbox, increasing the maximum jar file size limit may affect forwarding capacity in terms of the number of files the firewall can forward, so it's possible that not all files would be forwarded to WildFire if multiple big zero-day files are processed at same time. You can tune the maximum size setting and observe whether there's enough buffer space to handle a higher limit.




Linux File Size Limit

 

Set the maximum file size for Linux files to 50 MB so all Linux files that pass through the firewall are sent to WildFire for inspection. Because each firewall model has a different disk buffer size, increasing the maximum Linux file size limit may affect forwarding capacity in terms of the number of files the firewall can forward, so it's possible that not all files would be forwarded to WildFire if multiple big zero-day files are processed at same time. You can tune the maximum size setting and observe whether there's enough buffer space to handle a higher limit.



MS Office File Size Limit

 

Set the file size for "ms-office" files to 16,384KB so all ms-office files that pass through the firewall are sent to WildFire for inspection. Because each firewall model has a different disk buffer size for forwarding to sandbox, increasing the maximum ms-office file size limit may affect forwarding capacity in terms of the number of files the firewall can forward, so it's possible that not all files would be forwarded to WildFire if multiple big zero-day files are processed at same time. You can tune the maximum size setting and observe whether there's enough buffer space to handle a higher limit.




Feedback? contact us at bpaplus@paloaltonetworks.com

Rate this article:
  • 1686 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Contributors
Article Dashboard
Version history
Last Updated:
‎06-10-2022 01:43 PM
Updated by: