Detections
Analytics

CIS Palo Alto Firewall 10 v1.2.0 L2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Palo Alto Firewall 10 v1.2.0 L2

Updated: 2/10/2026

Authority: CIS

Plugin: Palo_Alto

Revision: 1.2

Estimated Item Count: 11

File Details

Filename: CIS_Palo_Alto_Firewall_10_Benchmark_v1.2.0_L2.audit

Size: 108 kB

MD5: e6bf85a3591c1edace212fce338de841
SHA256: 08c45b4978a9ad3cce092c0e75aabf1a98163c1d02b9ff6a9623b20f467858f5

Audit Items

DescriptionCategories
1.1.1.2 SNMPv3 traps should be configured
1.2.5 Ensure valid certificate is set for browser-based administrator interface
1.6.3 Ensure that the Certificate Securing Remote Access VPNs is Valid
1.7.1 Enabling Post-Quantum (PQ) on IKEv2 VPNs
2.1 Ensure that IP addresses are mapped to usernames
2.2 Ensure that WMI probing is disabled
5.7 Choosing Wildfire public cloud region
6.16 Ensure that a Zone Protection Profile with tuned Flood Protection settings enabled for all flood types is attached to all untrusted zones
7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zone
8.3 Ensure that the Certificate used for Decryption is Trusted
CIS_Palo_Alto_Firewall_10_Benchmark_v1.2.0_L2.audit from CIS Palo Alto Firewall 10 Benchmark v1.2.0