- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
12-16-2021 01:45 AM
Hello,
We can check if a fw is hitting some vulnerability checking the monitor threat tab, I would like to know if there is a way to check the same think for panorama traffic, thanks in advance.
Regards
12-16-2021 06:32 AM
Thank you for quick reply @Maria-Victoria
Since Panorama does not have any firewall feature and does not process any data plane traffic, there is no equivalent in Panorama what you are used to see in regular Firewall with Threat logs. Panorama can't check itself for vulnerability.
I would recommend to check this security advisory: https://security.paloaltonetworks.com/CVE-2021-44228 based on your PAN-OS version and deployment mode to confirm whether you are affected or not. As time progress Palo Alto is going to provide update on hotfix for PAN-OS versions that are affected.
Kind Regards
Pavel
12-16-2021 04:01 AM
Thank you for posting question @Maria-Victoria
Panorama does not have any data plane and is not processing any traffic like Firewall does. If you mean checking of the logs from Firewalls, then as long as Firewall is registered in Panorama and sending Threat logs you should be able to see it under: Monitor > Logs > Threat.
If you are referring to something else could you please provide more details what you are looking into?
Kind Regards
Pavel
12-16-2021 05:20 AM
Hello,
Pavel, thank you for your answer. What I mean is that, for example if there is a vulnerability "x" I can check in monitor> threat if a fw is suffering an attack due to this vulnerability using the next filter cve eq CVE-number, But If panorama is affected to this vulnerability, how could we perform the same check for panorama?
12-16-2021 06:32 AM
Thank you for quick reply @Maria-Victoria
Since Panorama does not have any firewall feature and does not process any data plane traffic, there is no equivalent in Panorama what you are used to see in regular Firewall with Threat logs. Panorama can't check itself for vulnerability.
I would recommend to check this security advisory: https://security.paloaltonetworks.com/CVE-2021-44228 based on your PAN-OS version and deployment mode to confirm whether you are affected or not. As time progress Palo Alto is going to provide update on hotfix for PAN-OS versions that are affected.
Kind Regards
Pavel
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!