Palo Alto scanning with Nessus

L7 Applicator

Hello,

Does anyone else out there scan their firewalls with Nessus? Just curious if you have some other definitions defined other than what Tenable has listed on their support site. I've tried Google but it's not helping much.

Thanks in advance!


Accepted Solutions
L4 Transporter

Re: Palo Alto scanning with Nessus

This document https://www.sans.org/reading-room/whitepapers/auditing/palo-alto-firewall-security-configuration-ben... will help guide you through all the basics to help ensure you are not missing anything obvious. Taking a more aggressive response with your IPS responses (default actions of reset and drop) and using an exception response of block-ip will reduce the effectiveness of a scanning tool.

Hope this helps,

Phil



All Replies
L4 Transporter

Re: Palo Alto scanning with Nessus

Why are you scanning your firewall with Nessus? Are you getting useful information?

L7 Applicator

Re: Palo Alto scanning with Nessus

Compliance requirements from our customers. As for useful info, not for me with the baked-in plugins and compliance checks they have. It looks for some best practices stuff that could be useful to someone that has not configured everything or just a quick check to see if things are configured.

L4 Transporter

Re: Palo Alto scanning with Nessus

Very interesting - I would never have thought of scanning a firewall with Nessus, not sure that it would be much good.

L7 Applicator

Re: Palo Alto scanning with Nessus

Yeah it can be handy to just make sure best practices are followed, etc.

L4 Transporter

Re: Palo Alto scanning with Nessus

Hey,

I wanted to share my one case with Nessus.

https://discussions.tenable.com/message/32299#32299

Plugin ID 83875.

This is a false positive and Nessus is working to fix this.

Thanks!

L7 Applicator

Re: Palo Alto scanning with Nessus

Doing more digging, I also found the following; it's still beta, however...

http://iase.disa.mil/stigs/Pages/index.aspx