This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
CIS Benchmark Quick Assess
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Tools
- Quickplay Solutions
- Quickplay Solutions Archived Articles
- CIS Benchmark Quick Assess
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Printer Friendly Page
scotchoaf
L4 Transporter
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-22-2021 08:52 AM - edited 03-22-2021 08:53 AM
100% helpful
(2/2)
Brief Description
This quickplay solution provides a rapid API-based CIS benchmark assessment of the Palo Alto Networks NGFW
Video coming soon...
Prerequisites
Playing this solution requires:
- panhandler 4.3 or later
- API access to the NGFW
Solution Details
Documentation: https://github.com/PaloAltoNetworks/cis-benchmarks
Github Location: https://github.com/PaloAltoNetworks/cis-benchmarks.git
Github Branches: main
Product Versions Supported: PAN-OS 9.0/9.1 based on the benchmark version support
Full Description
The CIS benchmark v9.0.0 provides a description, rationale, audit, and remediation steps for a multitude of NGFW configuration benchmarks. Manually assessing the complete set of benchmarks can be highly time consuming.
This quickplay allows the user to leverage the NGFW API to query configuration and system state information, assess the various benchmarks, and then present the user with an online report showing pass/fail conditions. Not intended for an official audit, the quick preview allows for remediations ahead of a full audit or to provide periodic checks.
Note: This CIS quickplay does not replace a recommended Palo Alto Networks Best Practice Assessment (BPA). For more information, please visit the BPA Live Community
Report Results
The output report provides a complete set of contextual information based on the CIS benchmark document:
- summary of total test with pass/fail/action required counts
- each benchmark grouped by section as found in the report
- Level and Scored attributes for each benchmark
- documentation links for each benchmark to assist with manual remediation steps
- contextual pop-up insights showing why a benchmark failed
The Action Required Result
Some of the benchmark results are flagged as 'action required'. This denotes one of two outcomes:
- The test hasn't been implemented due to technical limitations such as 'off-box' benchmarks or volumetric type checks that are deployment specific
- The test hasn't been implemented and is marked as a 'roadmap item' for a future release
Labels:
Rate this article:
Labels
-
Ansible
2 -
App-ID
1 -
Community Skillets
14 -
Cortex
1 -
Cortex Assess
1 -
Cortex Configure
2 -
Cortex Data
1 -
Cortex Data Lake
2 -
Cortex Deploy
1 -
Cortex Exercise
1 -
DNS Proxy
1 -
DNS Security
1 -
Docker
1 -
Featured
5 -
gcp
1 -
GlobalProtect
1 -
GlobalProtect-COVID19
1 -
GlobalProtect-Resources
1 -
Government
1 -
IoT
1 -
IPSec
1 -
Iron Skillet
1 -
NGFW
17 -
NSX
1 -
PAN-Os
2 -
Panorama
6 -
Prisma Access
1 -
Prisma Access Customer Success
1 -
Prisma Assess
2 -
Prisma Configure
1 -
Prisma Deploy
2 -
Prisma Exercise
1 -
PrismaAccess-COVID19
1 -
Python
5 -
Resident Engineer
1 -
Rest
3 -
SD-WAN
1 -
Security Lifecycle Review
1 -
Skillets
19 -
Strata
1 -
Strata Assess
7 -
Strata Configure
20 -
Strata Deploy
5 -
Strata Exercise
1 -
template
1 -
Terraform
3 -
URL Filtering
1 -
URL Filtering (PAN-DB)
1 -
validation
3 -
VM-Series
1 -
VM-Series on Azure
1 -
VMware
3 -
Workflow
2
- Previous
- Next
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks