Quickplay Solutions Articles
cancel
Showing results for 
Search instead for 
Did you mean: 
Featured Article
  Brief Description This quickplay solution includes a set of scripts and skillets to quickly query the NGFW to determine inbound open policy ports/applications, domain categories, and URL categories.   Below is a quick summary of each of the scripts.      Prerequisites Playing this solution requires: panhandler 4.3 or later to play skillets API access to the NGFW   Solution Details Documentation:  https://github.com/PaloAltoNetworks/panos-query-scripts/blob/main/README.md Github Location: https://github.com/PaloAltoNetworks/panos-query-scripts.git Github Branches:  main Product Versions Supported: DNS domain category query: PAN-OS 10.0 and later URL category query: PAN-OS 9.0 and later Inbound policy query: PAN-OS 9.0 and later   Full Description The quickplay scripts and skillets use the NGFW API to gain insights about inbound policy configuration and cloud service category mappings.   Get the DNS Domain or URL Category PAN-OS includes the capability to use CLI commands and the web UI to leverage the NGFW as a proxy into the cloud service layer to get category mappings for URLs and DNS domains. The CLI commands include:   test dns-proxy dns-signature fqdn {domain-to-test} test url {url-to-test}   The quickplay solution utilizes these commands through the API to read a list of domains or URLs to determine their category and output the results to screen and as a csv file for additional data analysis.   Open Port Query Provides a quick configuration analysis using the API to find security policies with destination of 'any' and a user input zone. The output shows the security policy name and associated services/ports and applications.   This provides quick insights regarding the NGFW attack surface where traffic is allowed from high risk zones such as the internet.          
View full article
Top Contributors
Top Liked Posts in Knowledge Base
Top Liked Authors