I am quite new to PA, so i would need your suggestion about this.
I created a Vulnerability Protection Rule wherein my goal is once a Signature update arrives (Vulnerability signature), all those that are “Critical” would have an automatic Action of Drop. And that I dont need to manually set the action for "Critical" threat one-by-one inside the "Exceptions" tab. Here's the rule i created.
Can you please advise if there is a custom report that I can set or a section where i can see the running "hits" for this rule? Just like how the Logs in the "Monitoring" tab display the running traffic, threats, etc etc.
Thank you very much!!
Thinking through it as I read back my own post. Is the rule I created applicable to my objective?
Instead of me “manually” changing the default action for all “Critical” severity signatures as they are delivered by Palo Alto , I want a rule to do this for me automatically. Meaning, once a Signature update arrives (Vulnerability signature), all those that are “Critical” should have an Action of Drop, since I already set a rule that is applied in my Vulnerability profile.
Or this rule is more on the "Threat" as it comes in, and not on the "Vulnerability Signature"? Sorry for branching out my question, I just want to nail this down really hard. Thanks again.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The Live Community thanks you for your participation!