06-03-2021 08:37 AM
@pradeepbabar4 wrote:
how can i Extract data of all ciphers and protocols that enabled or disabled in palo alto firewalls.
From what aspect? Are we talking about the what ciphers and protocols are enabled on the GUI, or what's being used on your inbound decryption profiles?
@pradeepbabar4 wrote:And How can i Ensure all weak ciphers and protocols are disabled before exposing an application to the Internet in palo alto firewalls.
From an application standpoint this needs to be verified by the application owner, or otherwise directly on the resource you are planning to expose. If you are performing inbound decryption you can somewhat control what ciphers are being utilized, but they need to line up with what the application is actually offering to prevent issues.
You can view what is being offered by running a packet capture, but I would simply ask the application owner for what they are supporting on their end.
