CIS Palo Alto Firewall 7 Benchmark L2 v1.0.0

Audit Details

Name: CIS Palo Alto Firewall 7 Benchmark L2 v1.0.0

Updated: 12/22/2023

Authority: CIS

Plugin: Palo_Alto

Revision: 1.13

Estimated Item Count: 13

File Details

Filename: CIS_Palo_Alto_Firewall_7_Benchmark_L2_v1.0.0.audit

Size: 43.4 kB

MD5: 8687b55487c3edd9201594280c1a8ca9
SHA256: b371b6a10b59f9530c03a47bf50981c91f39527f3be40481d4a72d2c8c5a7d44

Audit Items

DescriptionCategories
1.2.4 Ensure valid certificate is set for browser-based administrator interface - Authentication Profile

IDENTIFICATION AND AUTHENTICATION

1.2.4 Ensure valid certificate is set for browser-based administrator interface - Certificate Profiles

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4 Ensure valid certificate is set for browser-based administrator interface - Certificates

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure that the certificate securing Remote Access VPNs is valid - Certificates

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure that the certificate securing Remote Access VPNs is valid - GlobalProtect Gateways

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure that the certificate securing Remote Access VPNs is valid - GlobalProtect Portals

SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure that IP addresses are mapped to usernames - User ID Agents

IDENTIFICATION AND AUTHENTICATION

2.1 Ensure that IP addresses are mapped to usernames - Zones

CONFIGURATION MANAGEMENT

2.2 Ensure that WMI probing is disabled

CONFIGURATION MANAGEMENT

6.17 Ensure that a Zone Protection Profile with Flood Protection settings enabled for all flood types is attached to all untrusted zones

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure 'Security Policy' denying any/all traffic exists at the bottom of the security policies ruleset

SYSTEM AND COMMUNICATIONS PROTECTION

8.3 Ensure that the Certificate used for Decryption is Trusted

SYSTEM AND COMMUNICATIONS PROTECTION

Palo Alto software version 7 not found.