Visibility on Custom Threat Names

Custom spyware and vulnerability threat objects are now written on the firewall logging and reporting.
You can create custom spyware and vulnerability threat objects with a custom Threat ID on Panorama on a per-device group level and pushed to managed firewall. In PAN-OS 10.0, maps custom Threat IDs to the corresponding custom threat object name on the firewall and enables the firewall to generate a threat log populated with the configured custom Threat ID. By mapping the custom Threat IDs to the threat object name on the firewall, you provide enhanced monitoring and visibility in to your threat data by allowing you to correlate network events with specific custom threat objects.
For this example, we will configure a custom vulnerability object.
  1. Configure the custom vulnerability object.
    1. Select
      Objects
      Custom Objects
      Vulnerability
      and select the appropriate
      Device Group
      .
    2. Add
      a new custom vulnerability object.
    3. Enter the custom
      Threat ID
      .
    4. Enter a descriptive
      Name
      for the custom vulnerability object.
    5. Select the
      Severity
      to indicate the seriousness of the threat.
    6. Select the
      Direction
      to indicate whether the threat is assessed from client to server, server to client, or both.
    7. Configure any additional settings for the custom vulnerability object.
    8. Select the
      Signatures
      tab and
      Add
      a new signature for the custom vulnerability object.
    9. Click
      OK
      to save your configuration changes.
  2. Click
    Commit
    and
    Commit and Push
    your configuration changes.
  3. After your firewalls have processed traffic, select
    Monitor
    Threat
    and export the threat log as a CSV.
  4. Navigate to the
    Threat/Content ID
    field to review whether a network threat incident was logged against the custom vulnerability object you created. See Threat Log Fields for more information on the threat syslog field descriptions.

Recommended For You