
Who Me Too'd this topic

Issues fixed as recommended by AIOPS Premium console are still being reported negatively

L1 Bithead

1:   I have critical alerts in AIOPS that when corrected are still being reported in the console and not configured:

Outbound High Risk IP Addresses Not Blocked:

Follow these steps to resolve the issue:
Configure and enable a deny rule with the 'Palo Alto Networks - High risk IP addresses' EDL in the destination address, Log at Session End enabled, along with a Log Forwarding Profile OR an allow rule with the same configurations along with Antivirus, Vulnerability Protection, Anti-Spyware and URL Filtering profiles configured.
I also have similar for the "Inbound".
 
2:   Undecrypted Traffic Settings Not Set To Recommended
The following options need to be enabled: block_expired_certificate, block_untrusted_issuer
If I follow the recommended steps in AIOPS the non-decrypted excluded sites are blocked.
 
3:   File Blocking Profile Not Strict
I have one user that uses the website Canva.com, and if I put the Strict File Blocking profile on that specific userid, Canva.com stops working because it uses Windows PE to display images in the site.
 
How can I get these sorted? I am pulling my hair out double and triple checking configs.
 
Finally, AIOPS is grading the default "READ ONLY" Objects like URL Filtering, Antispyware, Antivirus, etc., and preventing the Firewall from moving from Orange (Fair) to Good (Green) in the Device Security Dashboard.
 
Can you do a forced manual AIOPS scan of the firewall instead of having to wait on the automatic scan every 24hrs?
 
 Please help
 