Educause Security Discussion mailing list archives
Palo Alto Threat Prevention config
From: "Baumgartner, Mark A." <MarkBaumgartner () CREIGHTON EDU>
Date: Thu, 13 Aug 2015 19:49:44 +0000
Good Afternoon All - A couple months back Dave Tevlin posted this link (thanks Dave!) to a document from SANS on a secure benchmark for Palo Alto devices: http://www.sans.org/reading-room/whitepapers/auditing/palo-alto-firewall-security-configuration-benchmark-35777 This got me thinking, as to what kind of configurations others might be running with respect to the Antivirus, Anti-Spyware, and Vulnerability Protection profiles contained in the PA Threat Prevention system (i.e. blocking all Critical/High, only blocking specific threats, etc.). Have you seen any issues with false positives? Thanks in advance for those willing to share (even generally) their experiences around these configurations. Off list or on list responses are much appreciated! Mark Baumgartner Information Security | Creighton University
Current thread:
- Palo Alto Threat Prevention config Baumgartner, Mark A. (Aug 13)