Activate Palo Alto PAN-OS L1 Package

Is there an I&W for Palo Alto PAN-OS L1?

 

Im using an L1 I&W for another product and most of the base rules correspond but I need a product specific version to capture non-generic rules as well as the correct Device Group and Device Type.

 

 

 

 

 

 

 

 

Parents
  • Mary,

    Looking good so far.

    1. Specific string to use for Column F in attached I&W "Device Group"
    2. Specific string to use for Column G in attached I&W "Device Type"

    For these, without overriding them, what do they show up as in ESM?  From there, John or Prentice, do you have an idea for overriding the Device Group or Device Type?  While Palo Alto separates the web content as traffic from the ids as threat, I don't know or recall if it separates the device type.

    John, Prentice, do you have any gut reaction to keeping such events separated, IDS is IDS/IPS and Web Proxy Content is .... (drawing a blank for the default device type for web content/proxy traffic)

    Mike

Reply
  • Mary,

    Looking good so far.

    1. Specific string to use for Column F in attached I&W "Device Group"
    2. Specific string to use for Column G in attached I&W "Device Type"

    For these, without overriding them, what do they show up as in ESM?  From there, John or Prentice, do you have an idea for overriding the Device Group or Device Type?  While Palo Alto separates the web content as traffic from the ids as threat, I don't know or recall if it separates the device type.

    John, Prentice, do you have any gut reaction to keeping such events separated, IDS is IDS/IPS and Web Proxy Content is .... (drawing a blank for the default device type for web content/proxy traffic)

    Mike

Children
No Data