unable to identify attcak and threat on firewall ip

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

unable to identify attcak and threat on firewall ip

L2 Linker

Q. our auditor scanned our firewall IP from outside network but we unable to identify and check the attack and threat on firewall ip but able to check on servers public IP in threat option. can any1 suggest where we can check in paloalto?

3 REPLIES 3

Community Team Member

Hi,

 

 

To protect yourself from scans you can configure Zone Protection.

The zone protection logs are stored under threat logs.

 

This  might be useful (p.46 - Zone Protection):

Threat Prevention Deployment

 

I hope it helps.

-Kim.

LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.

L5 Sessionator

Hi,

 

Depend of you PANOS version but by default the IntrZone traffic (Untrust to Untrust) is not loggued. Mean no trace in logs.

You need to activate them.

After that if you want to be protected against floods, fragmented packet ... you need to configure both zone protection and / or DOS policy.

 

Hope help.

 

V.

And security profiles must be configured.

Otherwise Palo does not scan for threats.

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011
  • 2340 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!