04-02-2017 08:27 PM
I am quite new to PA, so i would need your suggestion about this.
I created a Vulnerability Protection Rule wherein my goal is once a Signature update arrives (Vulnerability signature), all those that are “Critical” would have an automatic Action of Drop. And that I dont need to manually set the action for "Critical" threat one-by-one inside the "Exceptions" tab. Here's the rule i created.
Can you please advise if there is a custom report that I can set or a section where i can see the running "hits" for this rule? Just like how the Logs in the "Monitoring" tab display the running traffic, threats, etc etc.
Thank you very much!!
04-02-2017 08:58 PM - edited 04-02-2017 11:21 PM
Thinking through it as I read back my own post. Is the rule I created applicable to my objective?
Instead of me “manually” changing the default action for all “Critical” severity signatures as they are delivered by Palo Alto , I want a rule to do this for me automatically. Meaning, once a Signature update arrives (Vulnerability signature), all those that are “Critical” should have an Action of Drop, since I already set a rule that is applied in my Vulnerability profile.
Or this rule is more on the "Threat" as it comes in, and not on the "Vulnerability Signature"? Sorry for branching out my question, I just want to nail this down really hard. Thanks again.
06-08-2017 12:07 PM - edited 06-08-2017 12:07 PM
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!