Content update schedule is not following best practices-paloaltonetworks-panos
Indeni will alert if the update schedule for Applications and Threats is not following best practices.
Ensure Apps and Threat are rightly configured for content update. For more details, please check this link: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/threat-prevention/best-practices-for-content-and-threat-content-updates.
How does this work?
This alert uses the Palo Alto Networks API interface to parse through Dynamic Update schedule and alert the admin if it is following best practices.
Why is this important?
Security first customer: Should do hourly recurrence for download and install action and set threshold to less than 6 hours. Availability first customer: Should do daily recurrence for download and install action and set threshold in the range 24-48.
Without Indeni how would you find this?
Login to the device’s web interface and click on “Device” -> “Dynamic Updates”.
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/panos-content-update-schedule/panos-content-update-schedule.ind.yaml
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/paloaltonetworks/PanosContentUpdateScheduleRule.scala