Onboard Device Security

1. Optional If you are using Strata Logging Service to store log data, associate the logging service with your firewalls that you associated with Device Security.
2. Log in to the Device Security portal.

   Click the Device Security link on either the Tenant Management or Device Associations page.

   A welcome page appears to start the guided onboarding workflow.
3. Owner or superuser privileges During the onboarding workflow, select a vertical theme for your portal.

   If you are a user with owner or superuser privileges and the portal doesn’t have a predetermined vertical theme, Device Security will prompt you to select a theme when you attempt to navigate away from the welcome page: Enterprise Device Security, OT Device Security, or Medical Device Security. If you don’t select a theme, you will use the Enterprise Device Security theme by default. Device Security will continue to prompt you to select a theme every time you log in until you make a selection, or another user with owner or superuser privileges does.

   If you are a user without owner or superuser privileges, and an owner or superuser hasn’t yet selected a vertical theme, you will see the Enterprise Device Security theme by default. Otherwise, if the portal theme was already determined by the Device Security product purchased or if an owner or superuser already set a theme, then that is the one you see.
4. Configure your firewalls to send traffic to Device Security.

   There might not be any data in the portal when you first log in. Firewalls create network traffic data logs and forward them to the logging service, which streams them to Device Security. On average, devices begin showing up in the Device Security portal within the first 30 minutes. Depending on the size of the network and the amount of activity of the devices on it, it can take several days for all the data to show up.

   Depending on the PAN-OS versions running on your firewalls, you must generate an OTP or PSK and install certificates on firewalls so they will connect securely with Strata Logging Service and with Device Security. There are also firewall configurations necessary to enable logging and log forwarding to Device Security. For Enterprise Device Security, OT Device Security, and Medical Device Security, you must also configure Device Security and PAN-OS to apply Device-ID to enforce Security policy rules. To continue, see Prepare Your Firewall for Device Security.

   Check the Firewalls page in the Device Security portal to see the status of logs that Strata Logging Service is streaming to Device Security.

   Strata Cloud Manager Navigate to NetworksFirewalls to see the status of log streaming.

   Legacy IoT Security portal Navigate to AdministrationFirewalls to see the status of log streaming.

   For more information, see Device Security Integration Status with Firewalls.

   After the Device Security portal has had time to analyze the network behavior of your IoT devices (1-2 days), consider following the typical workflow of a Device Security user:

   • Device visibility – Learn about the IoT devices on the network
   • Application visibility – Learn about the applications and protocols these devices use
   • Device vulnerabilities – Learn about IoT device vulnerabilities and take steps to mitigate them, first on the most critical devices and then on others
   • Security alerts – Respond to security alerts as they occur, prioritizing your response on the urgency of the alert and the importance of the targeted device or network segment
   • Security policy rule recommendations – Based on observed network behavior, Device Security can generate recommended security policy rules that you can then sync with those on your next-generation firewall.