Palo Alto Networks next-generation firewalls come equipped with the
App-ID technology, which identifies the
applications traversing your network, irrespective of protocol, encryption, or evasive
tactic. This deep application awareness helps you manage applications effectively using
the
Application Command Center (ACC). The ACC offers a graphical
summary of data from various log databases, highlighting which applications are in use,
by whom, and their potential security implications. ACC is dynamically updated, using
the continuous traffic classification that App-ID performs; if an application changes
ports or behavior, App-ID continues to see the traffic, displaying the results in ACC.
Beyond applications, the ACC enriches this visibility with insights into URL categories,
threats, and data patterns, painting a comprehensive picture of the network landscape
and enabling the creation of more informed security policies.
To enhance monitoring capabilities, you can also leverage the
Dashboard feature on the firewall. This customizable dashboard provides a
quick overview of key network metrics and security posture.
To proactively assess security risks, review the Content Delivery Network (CDN)
infrastructure. This involves examining logged
events on the firewall that might indicate suspicious activity related to CDN traffic.
Additionally, the AutoFocus intelligence summary provides context on the prevalence of
specific properties, activities, or behaviors associated with logs in your network and
on a global scale. This summary also includes the WildFire verdict and relevant
AutoFocus tags. With an active AutoFocus subscription, you can leverage this information
to configure customized
AutoFocus Alerts, enabling proactive tracking of specific
threats and behaviors pertinent to your network environment.