Enable AutoFocus Threat Intelligence
With a valid AutoFocus subscription, you can compare the activity on your network with the latest threat data available on the AutoFocus portal. Connecting your firewall and AutoFocus unlocks the following features:
- Ability to view an AutoFocus intelligence summary for session artifacts recorded in the firewall logs.
- Ability to open an AutoFocus search for log artifacts from the firewall.
The AutoFocus intelligence summary reveals the prevalence of an artifact on your network and on a global scale. The WildFire verdicts and AutoFocus tags listed for the artifact indicate whether the artifact poses a security risk.
- Verify that the AutoFocus license is activated
on the firewall.
- Select DeviceLicenses to verify that the AutoFocus Device License is installed and valid (check the expiration date).
- If the firewall doesn’t detect the license, see Activate Licenses and Subscriptions.
- Connect the firewall to AutoFocus.
- Select DeviceSetupManagement and edit the AutoFocus settings.
- Enter the AutoFocus URL:https://autofocus.paloaltonetworks.com:10443
- Use the Query Timeout field
to set the duration of time for the firewall to attempt to query
AutoFocus for threat intelligence data. If the AutoFocus portal
does not respond before the end of the specified period, the firewall
closes the connection.As a best practice, set the query timeout to the default value of 15 seconds. AutoFocus queries are optimized to complete within this duration.
- Select Enabled to allow the firewall to connect to AutoFocus.
- Click OK.
- Commit your changes to retain the AutoFocus settings upon reboot.
- Connect AutoFocus to the firewall.
- Log in to the AutoFocus portal: https://autofocus.paloaltonetworks.com
- Select Settings.
- Add new remote systems.
- Enter a descriptive Name to identify the firewall.
- Select PanOS as the System Type.
- Enter the firewall IP Address.
- Click Save changes to add the remote system.
- Click Save changes again on the Settings page to ensure the firewall is successfully added.
- Test the connection between the firewall and AutoFocus.
- On the firewall, select MonitorLogsTraffic.
- Verify that you can Assess Firewall Artifacts with AutoFocus.
Assess Firewall Artifacts with AutoFocus
Assess Firewall Artifacts with AutoFocus Use the AutoFocus Intelligence Summary for an artifact to assess its pervasiveness in your network and the threats associated with ...
View and Act on AutoFocus Intelligence Summary Data
View and Act on AutoFocus Intelligence Summary Data Interact with the AutoFocus Intelligence Summary to display more information about an artifact or extend your artifact ...
Enforce Policy using External Dynamic Lists and AutoFocus A...
Enforce Policy using External Dynamic Lists and AutoFocus Artifacts (API) This use case allows you to use data from AutoFocus threat intelligence to create an ...
AutoFocus Intelligence Summary
AutoFocus Intelligence Summary You can view a graphical overview of threat intelligence that AutoFocus compiles to help you assess the pervasiveness and risk of the ...
AutoFocus Intelligence Summary
AutoFocus Intelligence Summary The AutoFocus Intelligence Summary offers a centralized view of information about an artifact that AutoFocus has extracted from threat intelligence gathered from ...
Assess Network Traffic
Assess Network Traffic Now that you have a basic security policy, you can review the statistics and data in the Application Command Center (ACC), traffic ...
Log Types The firewall displays all logs so that role-based administration permissions are respected. Only the information that you are permitted to see is visible ...
Device > Setup > Management
Device > Setup > Management Device > Setup > Management Panorama > Setup > Management On a firewall, select Device Setup Management to configure management ...
Monitor Applications and Threats
Monitor Applications and Threats All Palo Alto Networks next-generation firewalls come equipped with the App-ID technology, which identifies the applications traversing your network, irrespective of ...