One of the cheapest and easiest ways for an attacker to gain access to your network is through users accessing the internet. By successfully exploiting an endpoint, an attacker can take hold in your network and begin to move laterally towards the end goal, whether that is to steal your source code, exfiltrate your customer data, or take down your infrastructure. To protect your network from cyberattack and improve your overall security posture, implement a best practice internet gateway security policy. Use the guidelines in this site to plan, deploy, and maintain your internet gateway best practice security policy.
What Do You Want To Do?
New Features Simplify Decryption
Updated with recommendations for using the new decryption features introduced in PAN-OS 10.0, including TLS 1.3 support and enhancements for simplifying troubleshooting of decryption issues.
Block QUIC Traffic
Our recommended block rules have been updated with recommendations for blocking the Quick UDP Internet Connections (QUIC) protocol to prevent potentially dangerous encrypted traffic from entering the network.
What Is a Best Practice Internet Gateway Security Policy?
Find out what your Security policy should do to best protect against threats when accessing the internet.
Segment Your Network Using Interfaces and Zones
Segmentation prevents lateral movement if an attacker gains access to your network and is a key tenet of Zero Trust networks.
Strengthen Your Internet Gateway
Interzone Deny Rule Logging Best Practice Settings Check
BPA+ YouTube Channel
Click "View BPA+ Playlist" to access all of the BPA+ videos, including best practice network security checks and a demo.