CIS Palo Alto Firewall 7 Benchmark L2 v1.0.0

Audit Details

Name: CIS Palo Alto Firewall 7 Benchmark L2 v1.0.0

Updated: 4/25/2022

Authority: CIS

Plugin: Palo_Alto

Revision: 1.10

Estimated Item Count: 13

File Details

Filename: CIS_Palo_Alto_Firewall_7_Benchmark_L2_v1.0.0.audit

Size: 43 kB

MD5: 92ef13d6c2048e04429add684ca5d1f2
SHA256: d721dd893f8eeddeb99e8705e86f7027e4ec6cb2889fdd54543bd4030220a0ec

Audit Items

DescriptionCategories
1.2.4 Ensure valid certificate is set for browser-based administrator interface - Authentication Profile

IDENTIFICATION AND AUTHENTICATION

1.2.4 Ensure valid certificate is set for browser-based administrator interface - Certificate Profiles

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4 Ensure valid certificate is set for browser-based administrator interface - Certificates

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure that the certificate securing Remote Access VPNs is valid - Certificates

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure that the certificate securing Remote Access VPNs is valid - GlobalProtect Gateways

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure that the certificate securing Remote Access VPNs is valid - GlobalProtect Portals

SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure that IP addresses are mapped to usernames - User ID Agents

IDENTIFICATION AND AUTHENTICATION

2.1 Ensure that IP addresses are mapped to usernames - Zones

CONFIGURATION MANAGEMENT

2.2 Ensure that WMI probing is disabled

CONFIGURATION MANAGEMENT

6.17 Ensure that a Zone Protection Profile with Flood Protection settings enabled for all flood types is attached to all untrusted zones

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure 'Security Policy' denying any/all traffic exists at the bottom of the security policies ruleset

SYSTEM AND COMMUNICATIONS PROTECTION

8.3 Ensure that the Certificate used for Decryption is Trusted

SYSTEM AND COMMUNICATIONS PROTECTION

Palo Alto software version 7 not found.