How to monitor threats for Panorama traffic

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

How to monitor threats for Panorama traffic

L1 Bithead

Hello,

We can check if a fw is hitting some vulnerability checking the monitor threat tab, I would like to know if there is a way to check the same think for panorama traffic, thanks in advance.

 

Regards

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

Thank you for quick reply @Maria-Victoria

 

Since Panorama does not have any firewall feature and does not process any data plane traffic, there is no equivalent in Panorama what you are used to see in regular Firewall with Threat logs. Panorama can't check itself for vulnerability. 

 

I would recommend to check this security advisory: https://security.paloaltonetworks.com/CVE-2021-44228 based on your PAN-OS version and deployment mode to confirm whether you are affected or not. As time progress Palo Alto is going to provide update on hotfix for PAN-OS versions that are affected.

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.

View solution in original post

3 REPLIES 3

Cyber Elite
Cyber Elite

Thank you for posting question @Maria-Victoria

 

Panorama does not have any data plane and is not processing any traffic like Firewall does. If you mean checking of the logs from Firewalls, then as long as Firewall is registered in Panorama and sending Threat logs you should be able to see it under: Monitor > Logs > Threat.

 

If you are referring to something else could you please provide more details what you are looking into?

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.

L1 Bithead

Hello,

Pavel, thank you for your answer.  What I mean is that, for example if there is a vulnerability "x" I can check in monitor>  threat  if a fw is suffering an attack due to this vulnerability using the next filter cve eq CVE-number, But If panorama is affected to this vulnerability, how could we perform the same check for panorama?

 

Cyber Elite
Cyber Elite

Thank you for quick reply @Maria-Victoria

 

Since Panorama does not have any firewall feature and does not process any data plane traffic, there is no equivalent in Panorama what you are used to see in regular Firewall with Threat logs. Panorama can't check itself for vulnerability. 

 

I would recommend to check this security advisory: https://security.paloaltonetworks.com/CVE-2021-44228 based on your PAN-OS version and deployment mode to confirm whether you are affected or not. As time progress Palo Alto is going to provide update on hotfix for PAN-OS versions that are affected.

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.
  • 1 accepted solution
  • 2098 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!