Best Practices for Completing the Firewall Deployment
Now that you have integrated the firewall into your
network and enabled the basic security features, you can begin configuring
more advanced features. Here are some things to consider next:
Configure a best-practice security policy rulebase to safely
enable applications and protect your network from attack. Go to
the Best Practices page and select security
policy best practice for your firewall deployment.
Set up High
Availability—High availability (HA) is a configuration in
which two firewalls are placed in a group and their configuration
and session tables are synchronized to prevent a single point to
failure on your network. A heartbeat connection between the firewall
peers ensures seamless failover in the event that a peer goes down.
Setting up a two-firewall cluster provides redundancy and allows
you to ensure business continuity.
Enable User Identification (User-ID)—User-ID
is a Palo Alto Networks next-generation firewall feature that allows
you to create policies and perform reporting based on users and
groups rather than individual IP addresses.
Enable Decryption—Palo
Alto Networks firewalls provide the capability to decrypt and inspect
traffic for visibility, control, and granular security. Use decryption
on a firewall to prevent malicious content from entering your network
or sensitive content from leaving your network concealed as encrypted or
tunneled traffic.
Share
Threat Intelligence with Palo Alto Networks—Permit the firewall
to periodically collect and send information about applications, threats,
and device health to Palo Alto Networks. Telemetry includes options
to enable passive DNS monitoring and to allow experimental test
signatures to run in the background with no impact to your security
policy rules, firewall logs, or firewall performance. All Palo Alto
Networks customers benefit from the intelligence gathered from telemetry,
which Palo Alto Networks uses to improve the threat prevention capabilities
of the firewall.
