This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

unable to identify attcak and threat on firewall ip

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

unable to identify attcak and threat on firewall ip

NickySorot
L2 Linker

‎11-25-2015 05:15 AM

Q. our auditor scanned our firewall IP from outside network but we unable to identify and check the attack and threat on firewall ip but able to check on servers public IP in threat option. can any1 suggest where we can check in paloalto?

0 Likes Likes
3 REPLIES 3

kiwi
Community Team Member

‎11-25-2015 07:49 AM - edited ‎11-25-2015 07:50 AM

Hi,

 

 

To protect yourself from scans you can configure Zone Protection.

The zone protection logs are stored under threat logs.

 

This  might be useful (p.46 - Zone Protection):

Threat Prevention Deployment

 

I hope it helps.

-Kim.

LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.
0 Likes Likes

VinceM
L5 Sessionator

‎11-25-2015 07:53 AM

Hi,

 

Depend of you PANOS version but by default the IntrZone traffic (Untrust to Untrust) is not loggued. Mean no trace in logs.

You need to activate them.

After that if you want to be protected against floods, fragmented packet ... you need to configure both zone protection and / or DOS policy.

 

Hope help.

 

V.

0 Likes Likes

Raido_Rattameister
Cyber Elite
Cyber Elite
In response to VinceM

‎11-25-2015 10:45 AM

And security profiles must be configured.

Otherwise Palo does not scan for threats.

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011
0 Likes Likes
  • 2128 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks