1.2.4 Ensure HTTP and Telnet options are disabled for all management profiles - HTTP

Information

HTTP and Telnet options should not be enabled for device management.
Rationale:
Management access over cleartext services such as HTTP or Telnet could result in a compromise of administrator credentials and other sensitive information related to device management.

Solution

Navigate to Network > Network Profiles > Interface Management.
Set the HTTP and Telnet boxes to unchecked.

See Also

https://workbench.cisecurity.org/files/2104

Item Details

Category: IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|IA-2(1), 800-53|SI-4, CSCv7|9.2, CSCv7|11.5

Plugin: Palo_Alto

Control ID: 3b7f263899cb0e02974af5a8b1d4c2d7765a675bdc2ccf7d626f2a141cc834a4