This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
Hardening the security rule for service ports
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- General Topics
- Re: Hardening the security rule for service ports
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
11-06-2016 08:00 AM
Hello Experts
In my firewall configuration, many security rules have specific application but service ANY. I would like to harden service part as well. Once I veiw the logs for particular security rule to check service ports, there are many pages, I have to manually go. Is there any way I can generate the report for that particular security rule for service ports OR there is any script I can run against paritcular security rule to pull all the service ports (destination ports) from logs?
Appreciated your reply
7 REPLIES 7
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
11-08-2016 12:05 PM
@reaper Thanks 🙂 I run the report using for all rules having service any in qualifier and show the ports and applicaiton with rule name in filter but when I run the report, its just processing like became crazy 🙂 Is there any script I can run for this purpose?
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
11-09-2016 04:08 AM
@reaper The solution you gave, how I can run the report agains security rules who have SERVICE ANY?
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
11-09-2016 05:01 AM
ehm, i guess you could use the query builder to limit the report to certain rules only, but there is no operator for 'service = any'
Tom Piens
PANgurus - SASE and Strata specialist; (co)managed services, VAR and consultancy
PANgurus - SASE and Strata specialist; (co)managed services, VAR and consultancy
Related Content
- IKE phase 1 not working in General Topics
- For outbound rules for instances that need access to external APIs in Prisma Cloud Discussions
- DNS Security Subscription vs MDBR in General Topics
- Traffic getting hits on non-allowed URLs in General Topics
- Issues with sending Email Updates from Palo Alto Firewall in General Topics
Like what you see?
Show your appreciation!
Click Like if a post is helpful to you or if you just want to show your support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks