Device Security
Strata Cloud Manager
Table of Contents
Strata Cloud Manager
Access Device Security through Strata Cloud Manager, a web interface for
consolidated management of next-generation firewalls and cloud-delivered security services.
After you onboard Device Security, activate Device Security licenses on your
firewalls, and deploy them so that they can feed data to Strata Logging Service,
you’re ready to access Device Security and begin using it.
Launch Strata Cloud Manager and log in
with your account credentials for the Palo Alto Networks Customer Service Portal.
Device Security uses single sign-on (SSO) to verify your login.
Once in Strata Cloud Manager, navigate to Device Security under
. The portal interface is grouped into several sections.
Strata Cloud Manager navigation menu – Use the Strata Cloud Manager navigation menu
to access other Palo Alto Networks apps, management tools, and configuration pages that
you have access to. If you want to use Strata Cloud Manager for more than
Device Security, see the Strata Cloud Manager guide to get started.
Administrative tools – Under the navigation menu is a set of administrative
tools:
- Favorites – Quickly access Strata Cloud Manager pages that you marked as favorites.
- Settings – Manage your settings for Strata Cloud Manager.
- Announcements – Find announcements related to Strata Cloud Manager or to your specific tenants, products, and services.
- Help – Find links to resources and support for the page that you're on.
- User – Log out of Strata Cloud Manager.
- Tenant – Access and manage your tenants in Strata Cloud Manager.
Search – At the top of the page to the right of the page title bar is a
search field where you find data by entering keywords to search for devices, alerts,
vulnerabilities, and external destinations.
Device Security navigation menu – The items in the Device Security
navigation menu are loosely grouped into four sections. The first section is organized
around visibility: Dashboard, Assets, and Networks. The next section is security
related: Alerts, Vulnerabilities, and Policies. The third section is where you
configure and review settings to integrate Device Security with
third-party products: Integrations. Finally, the last section is where you can check
logs, reports, firewalls, and data quality, and manage administrative settings:
Logs & Reports, Settings, and Administration.
Use the Device Security navigation menu page title bar to navigate to
different pages in the Device Security portal. When there are data filters at the
top of a page, use them to control the data that appears on the page by site,
device type, and time period.
Data Filters – Below the page title bar on many pages is a set of filters that
control the data that the Device Security portal displays on each page. The
filter system consists of global filters and local, page-specific filters. Global filter
settings persist while you navigate among different pages with various filters
appearing as appropriate per page. For example, there is no time filter on the
Vulnerabilities page, and there are additional filters on the Devices and
Security Alerts pages. Global filters have default values but can also be customized.
Modified and added filters appear in the web interface as blue instead of black, so you can tell
them apart from the default ones. If a page has a default local filter, it appears
among the other global filters at the top of the page. For example, the Security Alerts
page applies an Active Alerts filter by default, so this local filter automatically
appears among the global filters whenever you open the Security Alerts page. In
addition, there are page filters that apply only to the data on a particular page. When
you scroll down a page, both the global and page filters continue to remain in view in
the upper right of the title bar.
Query Builder – Next to the data filters is the Query Builder. Use it to find
information about devices, alerts, and vulnerabilities by constructing queries out of
various components. A single query can combine devices and security alerts or devices
and vulnerabilities. For example, you might query for all IoT devices from a particular
vendor that raised a particular alert, or you can query for all IoT devices in a
particular profile that have a specific vulnerability.
Manage dashboards – When your portal theme has multiple dashboards, such as
Medical Device Security, you can control which one is the default, which ones are
available in adjacent tabs for quick access, and which ones are hidden. Recognizing
that users of the Device Security portal function in different roles,
Device Security lets you set your own preferences to best suit your needs.
- To manage the display of the various dashboards, select .
- In the Manage Dashboards drop-down, select the check boxes of dashboards you want to display as a tabbed dashboard for faster access. Clear the check boxes of those you don’t want displayed as a tabbed dashboard.The left-to-right order of tabbed dashboards displayed in the main window corresponds to the top-to-bottom order of dashboards listed in the drop-down with the pinned (preferred) dashboard appearing on the far left.
- To set the default dashboard to display first when navigating to Dashboards in the left navigation panel, click the pushpin icon next to a dashboard name in the Manage Dashboards drop-down.If you change the portal theme to a vertical that does not include your pinned dashboard, the default dashboard for that vertical becomes the new pinned dashboard.
- To open a new browser tab or window showing security alerts and vulnerabilities, click View Alerts Overview and View Vulnerabilities Overview.