An HTTP server is enabled on the device-paloaltonetworks-panos
Indeni will check if a device has the HTTP service enabled. HTTP is not encrypted and is therefore a security risk.
Disable the HTTP server on the device.
How does this work?
This script pulls the Palo Alto Networks firewall’s active configuration and extracts the configured services from there.
Why is this important?
HTTP is an unsecure protocol and should not be used. Users may enable HTTP unintentionally and should be alerted if they do so.
Without Indeni how would you find this?
An administrator may write a script to pull this data from devices and compare against a gold configuration.
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/panos-management-interface-services/panos-management-interface-services.ind.yaml
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_http_server_enabled.scala