About the IPS Signature Converter Plugin

Learn about the IPS Signature Converter plugin for Panorama.
The IPS Signature Converter plugin for Panorama provides an automated solution for converting rules from third-party intrusion prevention systems—Snort and Suricata—into custom Palo Alto Networks threat signatures. You can then register these signatures on firewalls that belong to device groups you specify and use them to enforce policy in Vulnerability Protection and Anti-Spyware Security Profiles.
Snort and Suricata are open-source intrusion prevention systems that use uniquely formatted rules to detect threats. Threat intelligence-sharing organizations often distribute security advisories with these rules so that you can implement the appropriate protections on your firewall. The IPS Signature Converter plugin enables you to immediately act upon these advisories and protect your network against any threats you receive in Snort or Suricata format.
After you install the IPS Signature Converter plugin on Panorama, you can upload rules for conversion and import them to your device groups. You can also export rules containing indicators of compromise (IOC) to a text file that you can use as an external dynamic list to enforce policy on the entries that it contains.

Recommended For You