Review Best Practice Objects Configuration

Use the Best Practice Assessment (BPA) tool to check the objects configuration (Security and Decryption profiles, Tags, etc.) to identify weaknesses to improve.
The
Objects
tab shows all checks related to different types of firewall objects. Select the type of object you want to review to understand the existing configuration and to identify potential gaps in best practice configuration related to Tags, GlobalProtect, Security profiles, Log Forwarding, and Decryption profiles. The following example shows the result for an Antivirus Security profile.
objects-tab-checks.png
For each profile, the report shows the current configuration and how many rules use the profile. The report shows the best practice check results below the current configuration with pass/fail status and recommendations for failed best practice checks. Click help for the rationale for each check and links to best practice documentation.
When one or more checks fail, the profile title turns red. The report lists profiles that aren’t in use at the bottom with a yellow title.
When you review the
Objects
tab, at a minimum, review the following items to help understand the potential scope of remediation:
  • Antivirus
    —Decoder actions for both Antivirus and WildFire.
  • Anti-Spyware
    —Strict Profile, DNS Sinkhole.
  • Vulnerability Protection
    —Strict Profile.
  • URL Filtering
    —Whether known bad categories are blocked.
  • WildFire Analysis
    —Profile File Types (all types should be sent to WildFire for analysis).
  • Log Forwarding
    —Whether all log types are forwarded (forward all log types).

Recommended For You