1. Home
    2. Best Practices
    3. Best Practices for Managing Firewalls with Panorama
    4. Best Practices for Monitoring and Visibility on Panorama
    5. Generate Standard and Custom Reports on Panorama

    Generate Standard and Custom Reports on Panorama

    Best practices for generating PDF reports and custom reports on the Panorama™ management server.
    The Panorama™ management server provides a way for you to centralize and aggregate all information across your firewall deployment to generate PDF reports and create custom reports.
    • Identify and classify all SaaS applications used by your organization as
      Sanctioned
       or
      Unsanctioned
      .
      Panorama and managed firewalls consider any application without the sanctioned tag as unsanctioned for use on the network. Unsanctioned SaaS applications can cause an exposure to threats and loss of private and sensitive data. It is important to classify your SaaS applications to better investigate network activity.
      1. Select
        Objects
        Applications
        .
      3. Select one or more of your SaaS applications and
        Edit Tags
        .
      4. From the Add Tags drop-down, select
        Sanctioned
         or
        Unsanctioned
        .
      5. Repeat steps 1-4 until your SaaS applications are tagged as needed.
      6. Select
        Commit
        Commit and Push
         and
        Commit and Push
         your configuration changes.
    • Configure the user activity report and SaaS application usage report on the basis of user groups to achieve a higher level of granularity in your reports.
      For example, your finance department is storing a large amount of data in GitHub. Leveraging user groups in your user activity and SaaS application usage reports allows you to more easily identify this suspicious behavior. Otherwise, this suspicious behavior may have gone unnoticed if the report is run for the whole organization.
    • Configure purpose-driven and specific custom reports and limit the number of columns to what is necessary.
      Concise report parameters allow you to more easily identify network activity that needs investigation.
    1. When creating a custom report, use the Query Builder when possible to rapidly narrow down the results.
      For example, a targeted report for one office location is far more efficient and actionable than a report for all office locations. If you need to a report that encompasses multiple offices, it is better to run a few different reports with specific queries for each office.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo