Captive Portal is using TLS version less than 1.2-paloaltonetworks-panos
Vendor: paloaltonetworks
OS: panos
Description:
Indeni will alert if Captive Portal is using TLS version less than 1.2.
Remediation Steps:
Ensure the minimum version of the SSL/TLS service profile is set to TLSv1.2. For more details, see: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/certificate-management/configure-an-ssltls-service-profile
How does this work?
This alert uses the Palo Alto Networks API to parse the Captive Portal configuration and check the minimum TLS version of the SSL/TLS service profile it references.
Why is this important?
TLS versions earlier than 1.2 are not considered secure, and it is recommended to operate at TLS version 1.2 and above.
Without Indeni how would you find this?
Log in to the device’s web interface and click on “Device” -> “Management” -> “User Identification” -> “Captive Portal Settings”.
panos-captive-portal-tls-version
name: panos-captive-portal-tls-version
description: Ensure "Captive Portal SSL/TLS Service Profile Min Version" is set to
    TLSv1.2
type: monitoring
monitoring_interval: 60 minutes
requires:
    vendor: paloaltonetworks
    os.name: panos
    product: firewall
comments:
    tls-version:
        why: |
            TLS version less than 1.2 has not been secure and it is recommended to operate at TLS version 1.2 and above.
        how: |
            This alert uses the Palo Alto Networks API interface to parse through Captive Portal configuration and check the version of TLS/SSL profile
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: HTTP
        command: /api/?type=config&action=get&xpath=/config/devices/*/vsys/*/captive-portal/ssl-tls-service-profile&key=${api-key}
    parse:
        type: XML
        file: panos-captive-portal-tls-version.parser.1.xml.yaml
-   run:
        type: HTTP
        command: /api/?type=config&action=get&xpath=/config/shared/ssl-tls-service-profile/entry[@name='${tls_profile}']&key=${api-key}
    parse:
        type: XML
        file: panos-captive-portal-tls-version.parser.2.xml.yaml
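
The two-step lookup in the rule above can be reproduced offline. This is an added example, not Indeni's parser or rule code: the function names are hypothetical, the XML responses are constructed samples, the `protocol-settings/min-version` layout and the `tls1-x` tokens are assumed from PAN-OS configuration syntax, and failing closed on a missing value is this example's choice.

```python
import xml.etree.ElementTree as ET

# Constructed sample responses (not captured from a device).
STEP1 = """<response status="success"><result>
  <ssl-tls-service-profile>cp-profile</ssl-tls-service-profile>
</result></response>"""
STEP2_WEAK = """<response status="success"><result>
  <entry name="cp-profile"><protocol-settings>
    <min-version>tls1-0</min-version><max-version>max</max-version>
  </protocol-settings></entry>
</result></response>"""
STEP2_OK = STEP2_WEAK.replace("tls1-0", "tls1-2")

# Assumed ordering of PAN-OS min-version tokens.
TLS_ORDER = {"tls1-0": 0, "tls1-1": 1, "tls1-2": 2, "tls1-3": 3}


def _result(xml_text):
    """Return the <result> element of a successful API response."""
    root = ET.fromstring(xml_text)
    result = root.find("result")
    if root.get("status") != "success" or result is None:
        raise ValueError("API call failed: status=%r" % root.get("status"))
    return result


def profile_name(step1_xml):
    """Step 1: SSL/TLS service profile bound to Captive Portal, or None."""
    node = _result(step1_xml).find(".//ssl-tls-service-profile")
    return node.text.strip() if node is not None and node.text else None


def min_version(step2_xml, name):
    """Step 2: min-version of the named profile entry, or None if unset."""
    for entry in _result(step2_xml).iter("entry"):
        if entry.get("name") == name:
            return entry.findtext("protocol-settings/min-version")
    return None


def evaluate(step1_xml, step2_xml):
    """Return (compliant, detail); missing or unknown values fail closed."""
    name = profile_name(step1_xml)
    if name is None:
        return False, "no SSL/TLS service profile attached to Captive Portal"
    version = (min_version(step2_xml, name) or "").strip()
    rank = TLS_ORDER.get(version)
    if rank is None:
        return False, "profile %s: min-version %r not recognised" % (name, version)
    return rank >= TLS_ORDER["tls1-2"], "profile %s: min-version %s" % (name, version)
```
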
PanosCaptivePortalTlsVersionRule