Strata Cloud Manager
New NetSec Platform Features on Strata Cloud Manager (October 2025)
Table of Contents
Expand All
|
Collapse All
Strata Cloud Manager Docs
New NetSec Platform Features on Strata Cloud Manager (October 2025)
See all the new features made available for Strata Cloud Manager in October
2025.
These new features follow the Strata Cloud Manager release model of continuous feature deployment; as they're ready, we make them
available to ensure the latest support for all products and subscriptions across the
NetSec platform. There's no Strata Cloud Manager upgrade or management version
requirement associated with these features; however, check if they have version or
license dependencies associated with other parts of the NetSec platform (like a
cloud-delivered security service subscription, or a Prisma Access version, for
example)
Regional File Forwarding Configuration for MacOSX Dynamic Analysis
|
October 20, 2025
Supported for:
|
Organizations operate globally and frequently adhere to strict regional data
compliance requirements when Advanced WildFire® is deployed into corporate networks
for malware analysis. When using dynamic analysis for MacOSX files, meeting these
geographic mandates can present a challenge. To address this control gap, the Advanced WildFire® service now provides the
ability to choose the geographic location where MacOSX files are forwarded to
for Advanced WildFire dynamic analysis. This ensures that customers
maintain precise governance over where their samples are analyzed. This feature
allows administrators to designate specific regional WildFire clouds—currently those
located in the US, EU, Singapore, or Japan—to analyze and classify MacOSX files with
WildFire verdicts using dynamic analysis, a high-fidelity sandboxing solution that
tests the suspected file in a secure, virtualized environment to observe its
behavior. The sample is temporarily sent to the region designated for MacOSX dynamic
analysis, during which the file is analyzed and subsequently deleted. The sample
analysis results are then sent to your configured WildFire public cloud region for
access. The Advanced WildFire cloud uses the sample analysis results to generate and
distribute signatures used by various Palo Alto Networks products to prevent further
distribution of malicious threats contained in MacOSX files. By enforcing strict
geographic boundaries for analysis, organizations can balance robust threat
detection with regional data residency mandates. For maximum security, the
forwarding functionality is disabled by default, ensuring configuration requires
deliberate authorization. This capability strengthens compliance posture while
leveraging the full detection power of Advanced WildFire.
Streamline Incident Management with Unified Incident Framework
|
October 17, 2025
Supported for:
|
The Strata Cloud Manager Unified Incident Framework offers a
consistent and centralized approach to managing incidents across your various
security products. This framework addresses the challenges you face in monitoring
diverse network security deployments by consolidating all incidents into a single,
unified interface. This gives you comprehensive visibility into your entire security
infrastructure.
The unified dashboard displays a summary of all incidents, including the total number
of open incidents and breakdowns by product type, category, severity, and priority.
You can readily access detailed information for each incident, encompassing the
title, severity level, affected objects, recommended remediation steps, and relevant
timestamps.
The framework supports flexible notification mechanisms, including email, webhooks,
and integrations with ITSM systems, ensuring that you remain informed of critical
issues even outside the product interface. You can customize incident settings to
focus on issues pertinent to your specific deployments by defining criteria for
incident generation and configuring notification preferences.
Strata Cloud Manager now organizes Security Posture Settings under the Unified
Incident Framework to deliver a unified and contextual incident management
experience. Previously, you could access the security posture check from
Configuration > Posture > Settings. With the unified incident framework,
these security posture settings have moved to Incidents > Settings. This
update aligns all posture-related rules and custom checks with incident workflows,
enabling easier correlation between configuration issues and the incidents they
generate.
Leveraging the Unified Incident Framework provides the following benefits:
- Consistent Incident Management: Ensures a uniform approach to incident handling.
- Faster troubleshooting: Centralized visibility and detailed information facilitate quicker identification and resolution of issues.
- Informed Decision-Making: Comprehensive context enables a better understanding of the impact and root cause of incidents.
- Improved Operational Efficiency: Streamlined processes and reduced incident fatigue enhance overall operational effectiveness.
This comprehensive design helps you maintain optimal health and security across your
infrastructure, reducing the overhead and inefficiencies associated with managing
disparate alerting systems.
Unifying SASE and NGFW Visibility with the NetSec Health Dashboard
|
October 10, 2025
Supported for:
|
The NetSec Health Dashboard provides a
comprehensive view of your organization's network security health across all user
devices, branch sites and AI-Powered ADEM monitored applications. Previously,
NGFW users lacked a unified way to understand the end-to-end health of users and
applications across their organization. This dashboard enhances the existing SASE
health dashboard by integrating the health and experience scores from both your
Next-Generation Firewall (NGFW) deployments and your Prisma Access (PA) environment
into a single pane of glass. Currently, the dashboard shows unified digital
experience insights from NGFW deployments for user devices only.
The interactive view in the dashboard shows the experience scores to
highlight the status of user devices, sites, and applications in your organization
as Good, Fair, and Poor. You can further drill down to analyze user-specific
details, users’ browsing experience, network segments causing degradation, and open
device incidents. For sites, you can review Prisma SD-WAN and third-party
connectivity data and any related open incidents. For monitored applications, the
dashboard shows application availability and critical end-to-end performance
metrics.
GlobalProtect: Two Factor Authentication Using OTPs
|
October 27, 2025
Supported for:
|
Secure your remote access environment against credential theft by implementing robust
two-factor authentication (2FA) using One-Time
Passwords (OTPs). This essential security feature requires users
requesting access to enter a unique OTP token sent from the authentication service
to their RSA device. Implement this 2FA mechanism across your GlobalProtect® portals
and gateways to ensure comprehensive protection
By default, the app reuses the same credentials used to log in to the portal and
gateway. In the case of OTP authentication, this behavior causes the authentication
to initially fail on the gateway. The resulting delay in prompting the user for a
login often leads to the time-sensitive OTP expiring before it can be entered. To
prevent this, you must configure the portals and gateways that prompt for the OTP
instead of using the same credentials on a per-app configuration basis.