Network Security
Use Auto-Tagging to Automate Security Actions (Strata Cloud Manager)
Table of Contents
Expand All
|
Collapse All
Network Security Docs
-
- Security Policy
-
- Security Profile Groups
- Security Profile: AI Security
- Security Profile: WildFire® Analysis
- Security Profile: Antivirus
- Security Profile: Vulnerability Protection
- Security Profile: Anti-Spyware
- Security Profile: DNS Security
- Security Profile: DoS Protection Profile
- Security Profile: File Blocking
- Security Profile: URL Filtering
- Security Profile: Data Filtering
- Security Profile: Zone Protection
-
- Policy Object: Address Groups
- Policy Object: Regions
- Policy Object: Traffic Objects
- Policy Object: Applications
- Policy Object: Application Groups
- Policy Object: Application Filter
- Policy Object: Services
- Policy Object: Auto-Tag Actions
- Policy Object: Devices
-
- Uses for External Dynamic Lists in Policy
- Formatting Guidelines for an External Dynamic List
- Built-in External Dynamic Lists
- Configure Your Environment to Access an External Dynamic List
- Configure your Environment to Access an External Dynamic List from the EDL Hosting Service
- Retrieve an External Dynamic List from the Web Server
- View External Dynamic List Entries
- Enforce Policy on an External Dynamic List
- Find External Dynamic Lists That Failed Authentication
- Disable Authentication for an External Dynamic List
- Policy Object: HIP Objects
- Policy Object: Schedules
- Policy Object: Quarantine Device Lists
- Policy Object: Dynamic User Groups
- Policy Object: Custom Objects
- Policy Object: Log Forwarding
- Policy Object: Authentication
- Policy Object: Decryption Profile
- Policy Object: Packet Broker Profile
-
-
-
- The Quantum Computing Threat
- How RFC 8784 Resists Quantum Computing Threats
- How RFC 9242 and RFC 9370 Resist Quantum Computing Threats
- Support for Post-Quantum Features
- Post-Quantum Migration Planning and Preparation
- Best Practices for Resisting Post-Quantum Attacks
- Learn More About Post-Quantum Security
-
-
-
- Investigate Reasons for Decryption Failure
- Identify Weak Protocols and Cipher Suites
- Troubleshoot Version Errors
- Troubleshoot Unsupported Cipher Suites
- Identify Untrusted CA Certificates
- Repair Incomplete Certificate Chains
- Troubleshoot Pinned Certificates
- Troubleshoot Expired Certificates
- Troubleshoot Revoked Certificates
Use Auto-Tagging to Automate Security Actions (Strata Cloud Manager)
Automatically tag the users or IP addresses associated with a log entry and enforce
users and IP addresses based on behavior and activity.
- Set up an auto-tag action rule.
- Select ManageNGFW and Prisma AcccessObjectsAuto-Tag Actions.
- Add Rule and specify a Name, Log Type, and Filter criteria for this action.
- (Optional) Choose whether you want to add devices that match this rule to the quarantine list.
- Next, Add Tagging Rule.
- Give your tagging rule a Name, specify the Target, choose an Action (Add Tag or Remove Tag), and associate one of the existing Tags with your rule or create a new tag.
- (Optional) Configure a timeout to remove the tag from the policy object after the specified time has elapsed.Specify the amount of time (in minutes) that passes before the tag is removed from the policy object. The range is from 0 to 4,320. If you set the timeout to zero, the IP address-to-tag mapping does not timeout and must be removed with an explicit action. If you set the timeout to the maximum of 4,320 minutes, the tag is removed after 30 days.You cannot configure a Timeout with a Remove Tag action.
- Select Save.
- Use your auto-tag action rule to populate a dynamic address group or a dynamic user group.
- Create or select one of the following policy objects:
- Enter the tags you want to apply to the object as the Match criteria.Confirm that the tag is identical to the tag in Step 1.
- Add the dynamic user group to a security rule.This workflow uses a Security policy as an example, but you can also use tagged policy objects in Authentication policy.
- Select ManageNGFW and Prisma AccessSecurity ServicesSecurity Policy.
- Select Add Rule and enter a Name and optionally a Description for the policy.
- Add the Source Zone where the traffic originates.
- Add the Destination Zone where the traffic terminates.
- Select the Source object you created in Step 2.1.
- Select whether the rule will Allow or Deny the traffic.