RAID not configured-paloaltonetworks-panos

discobot · November 19, 2018, 9:39pm

RAID not configured-paloaltonetworks-panos

Vendor: paloaltonetworks

OS: panos

Description:
Indeni will alert if RAID is not configured on Palo Alto device.

Remediation Steps:
It is important to know that a device may have been ordered without redundant disks in the array. It is possible especially on a pa-5000 series firewall to order a firewall with only one disk. This is certainly not recommended if you do not have high-availability configured with another firewall. It will still show that you have a RAID because it uses a RAID configuration although you may only have one disk as a member of that array. Please run “show system raid” and “show system raid detail” for more information. If you need RAID redundancy on this firewall contact your sales team. Otherwise, you may disable this rule for this device.

How does this work?
This script will check for the RAID array in scenarios where only one RAID array exists by looking at devices that have Overall RAID status. From there it looks to see if one of the disks in that array report as missing. That indicates RAID is not truly enabled to protect your device from downtime due to drive failures.

Why is this important?
It is important to know that a device may have been ordered without redundant disks in the array. It is possible especially on a pa-5000 series firewall to order a firewall with only one disk. This is certainly not recommended if you do not have high-availability configured with another firewall. It will still show that you have a RAID because it uses a RAID configuration although you may only have one disk as a member of that array.

Without Indeni how would you find this?
On boot, a PA-5000 series firewall will warn you of a disk missing in the system log and would be sent in a syslog event or as an email alert. Most syslog solutions will not alert you of a missing disk so you would have to manually define an alert.

panos-show-system-raid

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/show-system-raid/show-system-raid.ind.yaml

PanwRaidConfiguredRule

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/paloaltonetworks/PanwRaidConfiguredRule.scala