1. Home
    2. AIOps for NGFW
    3. Security Posture
    4. Proactively Enforce Security Checks

    Proactively Enforce Security Checks

    Use the AIOps plugin for Panorama to block faulty configurations before they’re committed.
    The AIOps plugin enables you to take proactive measures against suboptimal configurations by blocking commits that do not pass particular best practice checks. When you indicate in
    AIOps for NGFW
     that you want a check to
    Fail Commit
    , Panorama automatically blocks commits of any configuration that does not pass that check. Rather than wait to receive an alert about a failed best practice check, use the plugin to keep configuration issues out of your deployment in the first place.
    2. Specify the best practice checks that will block commits on failure.
      1. Log in to
        AIOps for NGFW
        .
      2. Select
        Settings
        Security Checks
        .
      3. Find the check that you want to block commits.
      4. Set
        Action on Fail
         to
        Fail Commit
    3. Verify by attempting to commit a configuration that does not pass the check.
      1. Log in to Panorama.
      2. Violate the best practice check that you specified to
        Fail Commit
        .
      3. Select
        Commit
        Commit to Panorama
        Validate Configuration
        .
      You should see a dialog stating that the validation failed because the configuration did not pass the best practice check.
      Setting a check to
      Fail Commit
       causes the check to fail both validation and the actual commit operation.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo