Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Palo Alto Firewall Dashboard

by Josef Weiss
November 5, 2015

A common implementation of firewalls is to protect network devices by analyzing data moving in and out of the organization, restricting unauthorized access and malicious traffic. The firewall barrier is a critical control in effectively monitoring traffic both in and out of an organization.

A task common to many security programs is to monitor and analyze logs and events from security devices such as firewalls. Reviewing the organization’s firewall solution ensures the implementation is running smoothly. Monitoring firewall logs is a critical task in security operations, and facilities the identification of security concerns and related issues. The Palo Alto Firewall dashboard allows security administrators to view a summary status of firewall information, and includes indicators for events, configuration audits, and NetFlow statistical graphs in a single location within Tenable.sc. The continuous monitoring of firewalls allows the analyst to quickly identify important event data, without having to log into multiple devices. Problems can be rapidly identified, and a workflow can be easily created to escalate potential concerns.

Using the correlation features of LCE and Nessus audit checks, the Palo Alto Firewall dashboard highlights the native ability of Tenable.sc to monitor the status of other security products. By collecting this information, a security analyst can review the configuration and traffic status of the firewall without requiring firewall management privileges.

The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Monitoring.

The dashboard requirements are:

  • Tenable.sc 4.8.2
  • Nessus 8.6.0
  • LCE 6.0.0

Tenable.sc Continuous View (CV) provides continuous network monitoring, vulnerability identification, risk reduction, and compliance monitoring. Tenable.sc CV is continuously updated with information about advanced threats, zero-day vulnerabilities, and new types of regulatory compliance configuration audits. LCE correlates real-time events, such as DNS queries, then performs analysis to discover vulnerabilities and Indicators of Compromise (IOC). LCE also has the capability to discover users, operating systems, network devices, hypervisors, databases, tablets, phones, web servers, and other critical infrastructure. Tenable.sc CV allows for the most comprehensive and integrated view of network health.

The collection contains the following components:

  • Palo Alto Status - NetFlow By Port - This component displays the session count of the top 10 TCP ports identified by Palo Alto native network collector.
  • Palo Alto Status - Top 10 Events - This component displays count of the top 10 Palo Alto syslog events.
  • Palo Alto Status - Event Trend Summary - This component displays trend line for the top 10 Palo Alto syslog events.
  • Palo Alto Status - Event Indicator - This indicator component displays series on Palo Alto syslog event indicators.
  • Palo Alto Status - NetFlow Summary - This component displays a summary of the top 10 TCP ports identified by Palo Alto native network collector.
  • Palo Alto Status - Device Audit Vulnerabilities - This component displays a pass/fail indicator by check type. The Tenable_Palo_Alto_PAN-OS_Best_Practices.audit file has 5 check types, each focusing on a separate part of the configuration audit.
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.