DHCP Data Collection by Traffic Type
Table of Contents
Expand all | Collapse all
-
- Firewall and PAN-OS Support of IoT Security
- IoT Security Prerequisites
- Onboard IoT Security
- Onboard IoT Security on VM-Series with Software NGFW Credits
-
- DHCP Data Collection by Traffic Type
- Firewall Deployment Options for IoT Security
- Configure a Pre-PAN-OS 10.0 Firewall with a DHCP Server
- Configure a Pre-PAN-OS 10.0 Firewall for a Local DHCP Server
- Use a Tap Interface for DHCP Visibility
- Use a Virtual Wire Interface for DHCP Visibility
- Use SNMP Network Discovery to Learn about Devices from Switches
- Use Network Discovery Polling to Discover Devices
- Use ERSPAN to Send Mirrored Traffic through GRE Tunnels
- Use DHCP Server Logs to Increase Device Visibility
- Plan for Scaling when Your Firewall Serves DHCP
- Prepare Your Firewall for IoT Security
- Configure Policies for Log Forwarding
- Control Allowed Traffic for Onboarding Devices
- Support Isolated Network Segments
- IoT Security Integration with Prisma Access
- IoT Security Licenses
- Offboard IoT Security Subscriptions
-
- Introduction to IoT Security
- IoT Security Integration with Next-generation Firewalls
- IoT Security Portal
- Vertical-themed Portals
- Device-to-Site Mapping
- Sites and Site Groups
- Networks
- Network Segments Configuration
- Reports
- IoT Security Integration Status with Firewalls
- IoT Security Integration Status with Prisma Access
- Data Quality Diagnostics
- Authorize On-demand PCAP
- IoT Security Integrations with Third-party Products
- IoT Security and FedRAMP
DHCP Data Collection by Traffic Type
Enhanced Application log (EAL) coverage differs when
the firewall receives unicast and broadcast DHCP traffic.
The tables below show Enhanced Application
log (EAL) coverage when the firewall interface receiving unicast
and broadcast DHCP traffic is in different modes.
Unicast DHCP Traffic
| Firewall Interface Deployment Mode | DHCP EAL Generated |
|---|---|
| Virtual Wire | Yes |
| Tap | Yes |
| Layer 2 | Yes |
| Layer 3 | Yes |
Broadcast DHCP Traffic
| Firewall Interface Deployment Mode | DHCP EAL Generated |
|---|---|
| Virtual Wire | Yes |
| Tap | No |
| Layer 2 | No |
| Layer 3 | No |
| DHCP server on the firewall (L3, L2 with VLAN interface) | Yes* |
| DHCP relay agent on the firewall (L3, L2 with VLAN interface) | Yes |
* The method for generating EALs when the firewall is the DHCP
server is dependent on its PAN-OS version:
- A firewall running a PAN-OS 10.0 release or later natively generates EALs when a DHCP server is configured on an interface, DHCP Broadcast Session is enabled, and there’s a Security policy rule that allows DHCP traffic to reach the server and has EAL forwarding enabled. For more information, see Prepare Your Firewall for IoT Security and Configure Policies for Log Forwarding.
- A firewall running a PAN-OS 8.1 - 9.1 release requires a configuration-only workaround to generate DHCP EALs when a DHCP server is configured on one of the firewall interfaces. For more information, see Configure a Pre-PAN-OS 10.0 Firewall with a DHCP Server.