Support for Prisma Access Sample Uploads
Prisma Access can now forward suspicious samples to WildFire for analysis. You can search for these samples within AutoFocus to view the WildFire analysis details, as well as their related sessions.
If you filter your AutoFocus Dashboard to display artifacts from only Prisma Access, the Top Firewall and Source Countries widgets are not displayed in the report, as these data points are not applicable to Prisma Access.
Device Serialsession artifact has been changed to
Observed Infor logical consistency with the new Prisma Access upload source. All instances where device serial would normally appear, including as search conditions and session results, have been updated with the new phrasing.
For more information about the concepts referenced in this feature, refer to: AutoFocus Search
DNS Security Logging Enhancements
AutoFocus™ now displays additional DNS Security logging information based on your organization’s firewall security policy rules, associated action, and the DNS query details. These new fields include:
Firewall SNcolumn label has been changed to
Observed Infor logical consistency with the new Prisma Access upload source.
Domaincolumn label and been changed to
Requestto more accurately reflect possible entry types.
For more information about the concepts referenced in this feature, refer to: AutoFocus DNS Security Dashboard