Check for any license or role requirements for the
products you're using.
Prisma Access license or AIOps for NGFW
license
You may customize your own internet security settings for protection from specific threats and
vulnerabilities. Unless explicitly disabled, security settings apply globally to all
allowed internet traffic. This means there’s no need to apply security settings to
individual policies.
You can access the internet access settings from Manage > Configuration > NGFW and Prisma Access > Security Services > Internet Security, and then select the Security Settings tab.
Threat Management
Automatically inspect and prevent threats for all internet access rules at multiple attack
vectors.
Vulnerability Protection
Detect system flaws that attackers can exploit.
WildFire & Malware Protection
Protect against never-before-seen, file-based threats. Prevent viruses from
entering your network.
Country Block Setting
Applicable only to Prisma Access.
Add regions you want to block for each Source and Destination. You can edit
predefined external dynamic lists, for example, to allow specific
domains or URLs within a blocked region when necessary. To do this,
go to Manage > Configuration > NGFW and Prisma Access > Objects > External Dynamic Lists and make the appropriate changes.
Detect Command and Control
Detect command-and-control (C2) activity.
Application Exceptions
Exclude these applications from threat inspection.
Advanced URL inline Categorization
Enable inline machine learning to analyze and manage URL exceptions in
real-time:
DNS Security
Analyze DNS requests in real time to protect against malware
that uses DNS for C2 and data theft.
DNS Categories
Specify the DNS action for each threat category.
DNS Sinkhole Settings
Specify IPv4 and IPv6 sinkhole addresses for
endpoints.
Domain Exceptions
Exclude specific domains from analysis.
Decryption
Stop hidden threats for all internet access rules by getting visibility into encrypted
traffic.
Global Decryption Exclusions
Bypass certain URL categories and add custom
exclusions from SSL decryption.
Handshake Settings
Specify the lowest and highest supported versions
of SSL and TLS to be used for SSL connections. Also, specify algorithms
to be used for key exchange, encryption, and authentication.
Bypass & Logging Settings
Choose whether to log successful and unsuccessful
TLS Handshakes.
Actions Options
Choose to allow or block the sessions when decryption fails or
other conditions are met.
File Control
Take action when certain
types of files enter your network.
File Types
Block or allow uploads or downloads of certain
file types, or choose to be alerted when certain file types are
uploaded or downloaded. Actions available for uploads and downloads
are:
Block
Allow
Alert
General
Define security zones for Internet Access rules. The default configuration allows
traffic from any source to the internet. You can change these specific values for
NGFWs.