best practices dashboard and reports measure your security posture against
Palo Alto Networks’ best practice guidance. Importantly, the best
practices assessment includes checks for the Center for Internet
Security’s Critical Security Controls (CSC). CSC checks are called
out separately from other best practice checks, so you can easily
pick out and prioritize updates that will bring you up to CSC compliance.
best practice guidance aims to help you bolster your security posture, findings
in this report can also help you to identify areas where you can
make changes to more effectively manage your environment.
Device Insights, the best practices report identifies areas of improvement
in specific devices rather than across your whole deployment.
best practice dashboard is divided into four sections:
you a comprehensive view of all your failed (and passed) checks, and
assess your best practice adoption rate for key feature areas.
Looks at how your policy is organized,
and whether configuration settings that apply across many rules
align with best practices (including CSC checks).
Shows you the rules failing best practice
and CSC checks. See where you can take quick action to fix failed
Rules are sorted based on session count, so you can
start by reviewing and updating the rules that are impacting the
Shows you how your profiles stack up against
best practices, including CSC checks. Profiles perform advanced
inspection for traffic matched to a security or decryption rule.
you are using the best practices dashboard in Prisma Access, you
can filter the report based on configuration location (mobile users,
remote networks, or configuration that’s shared across Prisma Access).
When you download or share the
best practices report, the PDF version of the report includes only the
top 20 failed rules.