6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in use

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Enable passive DNS monitoring within all anti-spyware profiles in use.

Rationale:

Enabling passive DNS monitoring improves PAN's threat prevention and threat intelligence capabilities. This is performed without source information delivered to PAN to ensure sensitive DNS information of the organization is not compromised.

Solution

Navigate to Device > Setup > Telemetry. Set Passive DNS Monitoring to enabled

Default Value:

Not Configured

See Also

https://workbench.cisecurity.org/files/3750