Best Practices
The best practices dashboard and reports measure your
security posture against Palo Alto Networks’ best practice guidance.
The
best practices dashboard measures your security posture against
Palo Alto Networks’ best practice guidance. Importantly, the best
practices assessment includes checks for the Center for Internet
Security’s Critical Security Controls (CSC). CSC checks are called
out separately from other best practice checks, so you can easily
pick out and prioritize updates that will bring you up to CSC compliance.
You
can view the best practices reports in Prisma Access and AIOps.
Learn more about best practices reports in Prisma Access and AIOps
here.
While
best practice guidance aims to help you bolster your security posture, findings
in this report can also help you to identify areas where you can
make changes to more effectively manage your environment.
Best Practices Dashboard in Prisma Access
While best practice guidance aims to help
you bolster your security posture, findings in this report can also
help you to identify areas where you can make changes to more effectively
manage your environment.
The best practice dashboard in Prisma
Access is divided into five sections:
- SummaryGives you a comprehensive view of all the failed checks for a device across the configuration types (Security, Network, Identity, and Service Setup), and you can also assess your best practice adoption rate for key feature areas.
- SecurityShows the rules, rulebases, or profiles that are failing best practice and CSC checks for the selected device and location.
- RulebasesLooks at how your policy is organized, and whether configuration settings that apply across many rules align with best practices (including CSC checks).
- RulesShows you the rules failing best practice and CSC checks. See where you can take quick action to fix failed checks.Rules are sorted based on session count, so you can start by reviewing and updating the rules that are impacting the most traffic.
- ProfilesShows you how your profiles stack up against best practices, including CSC checks. Profiles perform advanced inspection for traffic matched to a security or decryption rule.
- NetworkChecks all the application override rules configured in your network and whether they align with best practice and CSC checks.
- IdentityShows whether the authentication enforcement settings (authentication rule, authentication profile, and authentication portal) for a device meet the best practices and comply with CSC checks.
- Service SetupSee how the subscriptions you have enabled on your devices are aligning with the best practice and CSC checks. You can review the WildFire setup, GlobalProtect portal and GlobalProtect gateway configurations here and fix the failed checks.
If you are using the best practices dashboard
in Prisma Access, you can filter the report based on configuration
location (mobile users, remote networks, or configuration that’s
shared across Prisma Access).
Best Practices Dashboard in AIOps for NGFW
The Best Practices dashboard helps to identify
areas where you can strengthen the security posture for specific
devices. You can view the dashboards only for devices that are enabled
to send the telemetry data to AIOps for NGFW.

The
best practice dashboard is divided into five sections:
- SummaryGives you a comprehensive view of all the failed checks for a device across the configuration types (Security, Network, Identity, and Service Setup), and you can also assess your best practice adoption rate for key feature areas.
- SecurityShows the rules, rulebases, or profiles that are failing best practice and CSC checks for the selected device and location.
- RulebasesLooks at how your policy is organized, and whether configuration settings that apply across many rules align with best practices (including CSC checks).
- RulesShows you the rules failing best practice and CSC checks. See where you can take quick action to fix failed checks.Rules are sorted based on session count, so you can start by reviewing and updating the rules that are impacting the most traffic.
- ProfilesShows you how your profiles stack up against best practices, including CSC checks. Profiles perform advanced inspection for traffic matched to a security or decryption rule.
- NetworkChecks all the application override rules configured in your network and whether they align with best practice and CSC checks.
- IdentityShows whether the authentication enforcement settings (authentication rule, authentication profile, and authentication portal) for a device meet the best practices and comply with CSC checks.
- Service SetupSee how the subscriptions you have enabled on your devices are aligning with the best practice and CSC checks. You can review the WildFire setup, GlobalProtect portal and GlobalProtect gateway configurations here and fix the failed checks.
Share, Download, and
Schedule Reports for a Dashboard
For all dashboards, you
can download, share, and
schedule reports covering the data a dashboard displays.
Find these icons in the top right of the dashboard:

When you download or share the
best practices report, the PDF version of the report includes only
the top 20 failed rules.
Recommended For You
Recommended Videos
Recommended videos not found.