SSL Decryption Sessions near Capacity-paloaltonetworks-panos
Vendor: paloaltonetworks
OS: panos
Description:
Indeni will alert when it notices that the PAN firewall is nearing its capacity of concurrent SSL decryption sessions.
Remediation Steps:
Review the following article to identify ways to optimize the number of SSL decryption sessions: https://live.paloaltonetworks.com/t5/Learning-Articles/Limitations-and-Recommendations-While-Implementing-SSL/ta-p/60036
How does this work?
This script uses the Palo Alto Networks CLI to retrieve the current connection count.
Why is this important?
The firewall can handle only a limited number of SSL decryption sessions at any given time. It is important to know when it is nearing that limit, before it begins to drop packets.
Without Indeni how would you find this?
The only available method of collecting this information is to manually run the CLI command on the device.
panos-show-session-all-filter-ssl-decrypt
https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/panos-show-session-all-filter-ssl-decrypt/panos-show-session-all-filter-ssl-decrypt.ind.yaml
panos-show-system-info-monitoring
https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/show-system-info-monitoring/show-system-info-monitoring.ind.yaml
PanosHighConcurrentSslDecryptionSessionRule
https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/paloaltonetworks/PanosHighConcurrentSslDecryptionSessionRule.scala