, you can view the recommended Cloud-Delivered Security Services (CDSS)
subscriptions and their usage in your devices. This helps you to identify security gaps
and harden the security posture of your enterprise. After you navigate to this page, you
will see a pop-up asking you to confirm or update your zone roles in NGFWs to get
accurate security services recommendations. You can follow the link in this pop-up
window to map zones to roles.
Currently, this dashboard only supports four security subscriptions: Advanced Threat
Prevention, Advanced URL Filtering, DNS Security and Wildfire.
At the top of the Overview page, you can view the number of total known NGFWs and number
of NGFWs sending telemetry in your AIOps for NGFW instance. The adoption of CDSS
involves progressing through activation, configuration, and adherence to best practices.
To track progress for each subscription, simply click on the numbers in the chart to
view a list of devices that require updates along this journey. To use a security
subscription license in a device, you need to activate it and then set up the service or
To focus on the security services data for a specific NGFW, filter the chart
based on it. You can also view the best practice violations for a device in this
You can click one of the values under
details in a tabular format.
In this example, AIOps for NGFW recommends the activation of Advanced URL
Filtering (ADV-URL) along with Advanced Threat Protection (ATP), Domain Name System
(DNS), and WildFire (WF) security services for NGFWs. You can click
to navigate to the Overview page.
You can also view the same security posture data in a pie chart format. Click
the pie-chart icon to view the information about recommended security services in a
You can click the sections of the pie-chart to view the information about the
individual security service.
In this example, to view the NGFW where DNS Security is not configured, you can
either click the value above the