Configure a best-practice security policy rulebase to safely
enable applications and protect your network from attack. Go to
the Best Practices page and select security
policy best practice for your firewall deployment.
Set up High
Availability—High availability (HA) is a configuration in
which two firewalls are placed in a group and their configuration
and session tables are synchronized to prevent a single point to
failure on your network. A heartbeat connection between the firewall
peers ensures seamless failover in the event that a peer goes down.
Setting up a two-firewall cluster provides redundancy and allows
you to ensure business continuity.
Enable User Identification (User-ID)—User-ID
is a Palo Alto Networks next-generation firewall feature that allows
you to create policies and perform reporting based on users and
groups rather than individual IP addresses.
Alto Networks firewalls provide the capability to decrypt and inspect
traffic for visibility, control, and granular security. Use decryption on
a firewall to prevent malicious content from entering your network
or sensitive content from leaving your network concealed as encrypted
or tunneled traffic.
Threat Intelligence with Palo Alto Networks—Permit the firewall
to periodically collect and send information about applications,
threats, and device health to Palo Alto Networks. Telemetry includes
options to enable passive DNS monitoring and to allow experimental
test signatures to run in the background with no impact to your
security policy rules, firewall logs, or firewall performance. All
Palo Alto Networks customers benefit from the intelligence gathered
from telemetry, which Palo Alto Networks uses to improve the threat
prevention capabilities of the firewall.