Item Search

NameAudit NamePluginCategory
4.1 Ensure 'Antivirus Update Schedule' is set to download and install updates hourlyCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
5.1 Ensure that WildFire file size upload limits are maximizedCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
5.1 Ensure that WildFire file size upload limits are maximizedCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

CONFIGURATION MANAGEMENT

5.1 Ensure that WildFire file size upload limits are maximizedCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

CONFIGURATION MANAGEMENT

5.1 Ensure that WildFire file size upload limits are maximizedCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profilesCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profilesCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profilesCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profilesCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.3 Ensure a WildFire Analysis profile is enabled for all security policiesCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
5.3 Ensure a WildFire Analysis profile is enabled for all security policiesCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.3 Ensure a WildFire file blocking profile is enabled for all security policies allowing Internet traffic flowsCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.3 Ensure a WildFire file blocking profile is enabled for all security policies allowing Internet traffic flowsCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.4 Ensure forwarding of decrypted content to WildFire is enabledCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
5.5 Ensure all WildFire session information settings are enabledCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.5 Ensure all WildFire session information settings are enabledCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.5 Ensure all WildFire session information settings are enabledCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
5.6 Ensure alerts are enabled for malicious files detected by WildFireCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.6 Ensure alerts are enabled for malicious files detected by WildFireCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
5.7 Ensure 'WildFire Update Schedule' is set to download and install updates every minuteCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
6.1 Ensure at least one antivirus profile is set to block on all decoders except 'imap' and 'pop3'CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.1 Ensure at least one antivirus profile is set to block on all decoders except 'imap' and 'pop3'CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.1 Ensure that antivirus profiles are set to block on all decoders except 'imap' and 'pop3'CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
6.1 Ensure that antivirus profiles are set to block on all decoders except 'imap' and 'pop3'CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.2 Ensure a secure antivirus profile is applied to all relevant security policiesCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
6.2 Ensure a secure antivirus profile is applied to all relevant security policiesCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.2 Ensure a secure antivirus profile is applied to all relevant security policiesCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.2 Ensure a secure antivirus profile is applied to all relevant security policiesCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in useCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in useCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in useCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in useCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in useCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in useCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.6 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the InternetCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
6.6 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the InternetCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.6 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the InternetCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.6 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the InternetCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.7 Ensure a Vulnerability Protection Profile is set to block attacks against critical and high vulnerabilities, and set to default on medium, low, and informational vulnerabilitiesCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
6.7 Ensure a Vulnerability Protection Profile is set to block attacks against critical/high, and set to default on medium, low, and infoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.7 Ensure a Vulnerability Protection Profile is set to block attacks against critical/high, and set to default on medium, low, and infoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.8 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.8 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.8 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
6.8 Ensure a secure Vulnerability Protection Profile is applied to all security rules allowing trafficCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY