Content update schedule is not following best practices-paloaltonetworks-panos

Content update schedule is not following best practices-paloaltonetworks-panos
0

Content update schedule is not following best practices-paloaltonetworks-panos

Vendor: paloaltonetworks

OS: panos

Description:
Indeni will alert if the update schedule for Applications and Threats is not following best practices.

Remediation Steps:
Ensure Apps and Threat are rightly configured for content update. For more details, please check this link: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/threat-prevention/best-practices-for-content-and-threat-content-updates.

How does this work?
This alert uses the Palo Alto Networks API interface to parse through Dynamic Update schedule and alert the admin if it is following best practices.

Why is this important?
Security first customer: Should do hourly recurrence for download and install action and set threshold to less than 6 hours. Availability first customer: Should do daily recurrence for download and install action and set threshold in the range 24-48.

Without Indeni how would you find this?
Login to the device’s web interface and click on “Device” -> “Dynamic Updates”.

panos-content-update-schedule

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/panos-content-update-schedule/panos-content-update-schedule.ind.yaml

PanosContentUpdateScheduleRule

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/paloaltonetworks/PanosContentUpdateScheduleRule.scala