If you’re already familiar with Palo Alto Networks’ platform,
this checklist streamlines deploying security best practices in
your data center to safeguard your most valuable assets.

Implement data center best practices when
you create Security profiles, Decryption profiles, Security policy
rules, Authentication policy rules, and Decryption policy rules.

For Security, Authentication, and DoS policy rules, configure log forwarding to Panorama
or external services to centralize logs for convenient viewing and analysis,

Global Data Center Objects, Policies, and Actions—Create custom applications to
identify and control proprietary applications with Security policy in the data
center, configure strict Security profiles (Antivirus, Anti-Spyware,
Vulnerability Protection, File Blocking, and WildFire Analysis), configure
strict Decryption profiles and policies, block traffic that you know is
malicious or unnecessary, and install Cortex XDR Agent on endpoints to protect

User Data Center Traffic Policies—Configure strict Security policy
rules to allow only appropriate access, ensure that users are authenticated, and
decrypt the traffic.

Internet-to-Data-Center Traffic Policies—Prevent risks such as downloading
malware from an infected external server, having command-and-control malware
placed on data center endpoints, allowing inadvertent access, and DoS attacks
intended to disrupt data center availability.

Data-Center-to-Internet Traffic Policies—Prevent risks such as data
exfiltration, command-and-control malware that attempts to reach out to the
internet and "call home", and other malware on compromised servers that attempts
to download more malware.

Intra-Data-Center Traffic Policies—Prevent lateral movement of
malware, allow only sanctioned applications that are required for business, and
decrypt and log the traffic.