IoT Security Integration Status with Prisma Access
Table of Contents
Expand all | Collapse all
- Firewall and PAN-OS Support of IoT Security
- IoT Security Prerequisites
- Onboard IoT Security
- Onboard IoT Security on VM-Series with Software NGFW Credits
- DHCP Data Collection by Traffic Type
- Firewall Deployment Options for IoT Security
- Configure a Pre-PAN-OS 10.0 Firewall with a DHCP Server
- Configure a Pre-PAN-OS 10.0 Firewall for a Local DHCP Server
- Use a Tap Interface for DHCP Visibility
- Use a Virtual Wire Interface for DHCP Visibility
- Use SNMP Network Discovery to Learn about Devices from Switches
- Use ERSPAN to Send Mirrored Traffic through GRE Tunnels
- Use DHCP Server Logs to Increase Device Visibility
- Plan for Scaling when Your Firewall Serves DHCP
- Prepare Your Firewall for IoT Security
- Configure Policies for Log Forwarding
- Control Allowed Traffic for Onboarding Devices
- Support Isolated Network Segments
- IoT Security Integration with Prisma Access
- IoT Security Licenses
- Offboard IoT Security Subscriptions
- Introduction to IoT Security
- IoT Security Integration with Next-generation Firewalls
- IoT Security Portal
- Vertical-themed Portals
- Device-to-Site Mapping
- Sites and Site Groups
- IoT Security Integration Status with Firewalls
- IoT Security Integration Status with Prisma Access
- Data Quality Diagnostics
- Authorize On-demand PCAP
- IoT Security Integrations with Third-party Products
- IoT Security and FedRAMP
- IoT Device Discovery
- IoT Security Devices Page
- IoT Security Device Details Page
- Create Multi-interface Devices
- IP Endpoints
- Discover Mobile Device Attributes
- Custom Attributes
- Tag Management
IoT Security Integration Status with Prisma Access
IoT SecurityIntegration Status with
Check the integration of
Prisma Accesson the Sites and Firewalls pages in the
IoT Securityportal, the Sites and Firewalls pages provide the status of next-generation firewalls with active
IoT Securitysubscriptions. They show the total number of firewalls at each site, the connection status of each firewall, the total number of log events they’ve forwarded to logging services, and the types of logs they’re sending. However, when
Prisma Accesssubscribes to
IoT Securitythrough the
IoT Securityadd-on, the information displayed on these pages is unlike that shown for next-generation firewalls.
Prisma Accessis using an
IoT Securityadd-on, the site name for it on the
page is simply “
Networks and Sites
Prisma Access”. Whether a single
Prisma Accessinstance is protecting one or a hundred remote sites,
IoT Securityremains unaware of their number. From the perspective of
IoT Security, the numbers of devices and IoT devices come from a single
Prisma Accessentity regardless of how many remote sites it protects.
The following screen capture shows a mixed deployment of
Prisma Accessand several sites with on-premises next-generation firewalls for comparison.
The Sites page contains the following types of information for
Status: A green cloud means that
IoT Securityis connected to
Prisma Accessand is receiving logs. A red cloud with a line through it means that
IoT Securitydoes not detect logs forwarded from
Cortex Data Lake.
Location: This is the site location, if a location was previously defined.
Devices: This is the total number of devices that
IoT Securityidentified across all remote sites under
IoT Devices: This is the total number of IoT devices that
Prisma Accessidentified across all its remote sites. This is a subset of the total shown in the Devices column.
Risk: This is the overall risk score calculated for all IoT devices protected by
Subnets: These are the subnets across all
Prisma Accessremote sites. Because
IoT Securityhas no visibility into how many sites
Prisma Accessis protecting, this might come from a single site with a single subnet, a single site with multiple subnets, multiple sites each with a single unique subnet, multiple sites with multiple subnets, or any combination of these scenarios.
Group: This indicates the group within the hierarchical site organization where the site is positioned.
IoT Securityhas a third-party integration with BlueCat IPAM or Infoblox IPAM and learns site names from there, the name of the integration appears here. When a third-party integration isn't how
IoT Securitylearned of a site, a dash appears here.
This page (
) is not particularly applicable to
Prisma Access. If you are using
IoT Securityexclusively with
Prisma Access, the top of the page shows a total of two sites, one for
Prisma Accessand one for the default site, which is where
IoT Securityinitially assigns on-premises firewalls. The Active and Inactive status will be 1 or 0 depending on whether
IoT Securitydetects any logs from
Cortex Data Lakein the last 30 minutes.
IoT Securitydisplays the number of system alerts relating to
Prisma Access. These pertain to the reception of requests from
Prisma Accessfor policy recommendations and IP address-to-device mappings. For example:
IoT Securityhasn't received any requests for policy recommendations in the past 30 minutes.
IoT Securityis receiving requests for IP address-to-device mappings again.
Click the number of system alerts at the top of the Firewalls page to open
to see them. The source for
Prisma Accesssystem alerts is always
The rest of the Firewalls page doesn’t have any data relevant to
If your deployment includes a mix of
Prisma Accessand on-premises next-generation firewalls, then this page contains the information mentioned above for
Prisma Accessand much more information about firewalls and the logs they provide.