Antivirus update schedule is not following best practices-paloaltonetworks-panos

Vendor: paloaltonetworks

OS: panos

Description:
Indeni will alert if the update schedule for Antivirus is not following best practices.

Remediation Steps:
Ensure the Antivirus update recurrence is set to hourly AND the update action is set to "download-and-install".

How does this work?
This alert uses the Palo Alto Networks API to parse the Dynamic Update schedule and alerts the admin if it is not following best practices.
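
The same check, sketched as an added example (this is not Indeni's parser or rule code). The XML element layout and the three sample responses are constructed assumptions; only the hourly recurrence and the "download-and-install" action come from this page.

```python
import xml.etree.ElementTree as ET

REQUIRED_ACTION = "download-and-install"

# Constructed sample responses; the element layout is an assumption.
COMPLIANT = """<response status="success"><result><update-schedule>
  <anti-virus><recurring><hourly>
    <at>15</at><action>download-and-install</action>
  </hourly></recurring></anti-virus>
</update-schedule></result></response>"""

DAILY_DOWNLOAD_ONLY = """<response status="success"><result><update-schedule>
  <anti-virus><recurring><daily>
    <at>02:00</at><action>download-only</action>
  </daily></recurring></anti-virus>
</update-schedule></result></response>"""

NO_SCHEDULE = """<response status="success"><result>
  <update-schedule/>
</result></response>"""


def check_av_schedule(xml_text):
    """Return a list of best-practice findings; an empty list means compliant."""
    root = ET.fromstring(xml_text)
    av = next(root.iter("anti-virus"), None)
    recurring = av.find("recurring") if av is not None else None
    if recurring is None:
        return ["no recurring Antivirus update schedule is configured"]
    findings = []
    # Recurrence must be hourly; report whatever was configured instead.
    if recurring.find("hourly") is None:
        seen = ", ".join(child.tag for child in recurring) or "none"
        findings.append(f"recurrence is not hourly (found: {seen})")
    # The action must install the content, not only download it.
    action = (recurring.findtext("*/action") or "").strip()
    if action != REQUIRED_ACTION:
        findings.append(
            f"action is '{action or 'unset'}', expected '{REQUIRED_ACTION}'")
    return findings


if __name__ == "__main__":
    for name, doc in (("compliant", COMPLIANT),
                      ("daily/download-only", DAILY_DOWNLOAD_ONLY),
                      ("no schedule", NO_SCHEDULE)):
        print(name, "->", check_av_schedule(doc) or "OK")
```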

Why is this important?
Antivirus content update frequency should be set to hourly recurrence. This is the best practice to protect the firewall from the latest known viruses. The action should be download and install so that new content updates are installed on the firewall and not just downloaded.

Without Indeni how would you find this?
Log in to the device’s web interface and click on “Device” -> “Dynamic Updates”.

panos-av-update-schedule

https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/panos-av-update-schedule/panos-av-update-schedule.ind.yaml

PanosAvUpdateScheduleRule

https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/paloaltonetworks/PanosAvUpdateScheduleRule.scala