CIS Benchmark Quick Assess

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
L4 Transporter
100% helpful (2/2)

 

Brief Description

This quickplay solution provides a rapid API-based CIS benchmark assessment of the Palo Alto Networks NGFW

 

Video coming soon...

 

Prerequisites

Playing this solution requires:

  • panhandler 4.3 or later
  • API access to the NGFW

 

Solution Details

Documentation: https://github.com/PaloAltoNetworks/cis-benchmarks

Github Location: https://github.com/PaloAltoNetworks/cis-benchmarks.git

Github Branches: main

Product Versions Supported: PAN-OS 9.0/9.1 based on the benchmark version support

 

Full Description

The CIS benchmark v9.0.0 provides a description, rationale, audit, and remediation steps for a multitude of NGFW configuration benchmarks. Manually assessing the complete set of benchmarks can be highly time consuming.

 

This quickplay allows the user to leverage the NGFW API to query configuration and system state information, assess the various benchmarks, and then present the user with an online report showing pass/fail conditions. Not intended for an official audit, the quick preview allows for remediations ahead of a full audit or to provide periodic checks.

 

Note: This CIS quickplay does not replace a recommended Palo Alto Networks Best Practice Assessment (BPA). For more information, please visit the BPA Live Community

 

Report Results

The output report provides a complete set of contextual information based on the CIS benchmark document:

 

  • summary of total test with pass/fail/action required counts
  • each benchmark grouped by section as found in the report
  • Level and Scored attributes for each benchmark
  • documentation links for each benchmark to assist with manual remediation steps
  • contextual pop-up insights showing why a benchmark failed

 

CIS report.png

 

 

The Action Required Result

Some of the benchmark results are flagged as 'action required'. This denotes one of two outcomes:

 

  • The test hasn't been implemented due to technical limitations such as 'off-box' benchmarks or volumetric type checks that are deployment specific
  • The test hasn't been implemented and is marked as a 'roadmap item' for a future release

 

 

 

Rate this article:
(1)
Comments
L0 Member

This is awesome! Exactly what a customer wants - Do you by any chance have an updated version of the CIS Benchmark?

L4 Transporter

Hi. thank you for the feedback. Unfortunately we had to shift priorities away from this project and moved it to the archive. There are no planned updates. 

  • 10705 Views
  • 2 comments
  • 3 Likes
Register or Sign-in
Contributors
Article Dashboard
Version history
Last Updated:
‎03-22-2021 08:53 AM
Updated by: