Next-Generation Firewall
What is an Alert?
Alerts expose potential issues with your next-generation
firewall deployment.
To help you maintain the ongoing health of your devices and avoid business-disrupting incidents, AIOps for NGFW generates alerts based on one or more issues that it has detected with your firewall deployment. These issues, or events, are triggered in one of three ways:

- When a metric changes significantly
- When a previously generated event changes
- When the user or system performs an action, such as acknowledging or closing an alert

An alert indicates a specific problem
(degradation or loss of firewall functionality) that needs to be
addressed. Alerts can also be generated based on correlation or
aggregation across multiple events. This aggregation of events into
a single alert helps triage, streamline alert hand-off between teams,
centralize critical information, and reduce notification fatigue.

Alerts fall into different categories depending on the metric with which they are associated. You can use alert categories to specify the kinds of alerts for which you receive notifications:

Alert Category | Description |
---|---|
Hardware | Problems with the physical machinery of the device, such as fan or power supply issues. |
Config limits | Configuration objects, such as security rules, profiles, and address groups, are reaching their limit and may prevent a commit on the device. |
Resource limits | System resources, such as CPU, memory, and session information storage, are reaching their limit. Depending on the specific issue, this can slow system performance or network throughput. |
Dynamic content | Security intelligence, such as WildFire signature packages, applications and threats content updates, and Anti-Virus signatures, are out of date. This can leave you vulnerable to newer threats. |
PAN-OS & Subscriptions | The device has an operating system (OS) or subscription issue, such as approaching license expiration, OS end of life, or a known vulnerability. |

From Incidents & Alerts > NGFW > All Alerts, you can view and manage all of the alerts generated for your deployment. In Incidents & Alerts > NGFW > Notification Rules, you can configure notification rules that specify when and how you would like to be notified when events trigger an alert.