Onboard IoT Security

1. Optional If you are using Strata Logging Service to store log data, associate the logging service with your firewalls that you associated with IoT Security.
2. Optional If you purchased a Third-party Integrations Add-on license, activate your Third-party Integrations Add-on license.
3. FedRAMP solution Submit a support request with the source IP addresses or source IP address blocks that you want to allow access to your FedRAMP IoT Security portal at https://<your-domain>.iot-gov.paloaltonetworks.com.

   1. Sign in to the Palo Alto Networks Customer Support Portal.
   2. Create a Case to open a support request and provide the IP addresses or IP address blocks to allow access to your FedRAMP IoT Security portal.
4. Log in to the IoT Security portal.

   Click the IoT Security link on either the Tenant Management or Device Associations page.

   A welcome page appears displaying the status of the logging service and several links to useful learning resources.

5. Owner privileges Select a vertical theme for your portal.

   If you are a user with owner privileges and the portal doesn’t have a predetermined vertical theme, IoT Security will prompt you to select a theme when you attempt to navigate away from the welcome page: Enterprise IoT Security Plus, Industrial OT Security, or Medical IoT Security. If you don’t select a theme, you will use the Enterprise IoT Security Plus theme by default. IoT Security will continue to prompt you to select a theme every time you log in until you make a selection, or another user with owner privileges does.

   If you are a user without owner privileges and an owner hasn’t yet selected a vertical theme, you will see the Enterprise IoT Security Plus theme by default. Otherwise, if the portal theme was already determined by the IoT Security product purchased or if an owner already set a theme, then that is the one you see.
6. Configure your firewalls to send traffic to IoT Security.

   There might not be any data in the portal when you first log in. Firewalls create network traffic data logs and forward them to the logging service, which streams them to IoT Security. On average, devices begin showing up in the IoT Security portal within the first 30 minutes. Depending on the size of the network and the amount of activity of the devices on it, it can take several days for all the data to show up.

   Depending on the PAN-OS versions running on your firewalls, you must generate an OTP or PSK and install certificates on firewalls so they will connect securely with Strata Logging Service and with IoT Security. There are also firewall configurations necessary to enable logging and log forwarding to IoT Security. For Enterprise IoT Security Plus, Industrial OT Security, and Medical IoT Security, you must also configure IoT Security and PAN-OS to apply Device-ID to enforce Security policy rules. To continue, see Prepare Your Firewall for IoT Security.

   Click AdministrationSites and FirewallsFirewalls in the IoT Security portal to see the status of logs that Strata Logging Service is streaming to IoT Security. For more information, see IoT Security Integration Status with Firewalls.

   After the IoT Security portal has had time to analyze the network behavior of your IoT devices (1-2 days), consider following the typical workflow of an IoT Security user:

   • Device visibility – Learn about the IoT devices on the network
   • Application visibility – Learn about the applications and protocols these devices use
   • Device vulnerabilities – Learn about IoT device vulnerabilities and take steps to mitigate them, first on the most critical devices and then on others
   • Security alerts – Respond to security alerts as they occur, prioritizing your response on the urgency of the alert and the importance of the targeted device or network segment
   • Security policy rule recommendations – Based on observed network behavior, IoT Security can generate recommended security policy rules that you can then sync with those on your next-generation firewall.