Best Practice Checks
Evaluate your live configuration against Palo Alto Networks
best practices.
Palo Alto Networks best practices are designed
to help you get the most out of Prisma Access Cloud Management and
are best securing your network. We’ve built best practice checks
directly in to Prisma Access, so that you can get a live evaluation
of your configuration.
Best practice checks are available
for:
- Your security policy rulebaseRulebase checks look at how security policy is organized and managed, including configuration settings that apply across many rules.
- Security rules
- Security profiles
- Anti-Spyware
- Vulnerability Protection
- WildFire and Antivirus
- URL Access Management
- DNS Security
- Authentication
- Decryption
- GlobalProtect
Best practice guidance aims
to help you bolster your security posture, but also to help you
manage your environment efficiently and to best enable user productivity.
Continually assess your configuration against these inline checks—and
when you see an opportunity to improve your security, take action
then and there.
There are
several different views Prisma Access Cloud Management provides you
into your best practice adoption:
Overall Best Practice View To get
started, you can quickly assess your overall security posture by
checking the Overview page, go to .Here you can
see how you’re doing at a high-level and pinpoint areas where you
might want to start taking action. |  |
Best Practice Scores Best practice
scores are displayed on a feature dashboard (security policy, decryption,
or URL Access Control, for example). These scores gives you a quick
view into your best practice progress. At a glance, you can identify
areas for further investigation or where you want to take action
to improve your security posture. |  |
Best Practice Field Checks Field-level
checks show you exactly where your configuration does not align
with a best practice. Best practice guidance is provided inline, so
you can immediately take action. |  |
Best Practice Assessment Here you
can get a comprehensive view into how your implementation of feature
aligns with best practices. Examine failed checks to see where you
can make improvements (you can also review passed checks). Rulebase
checks highlight configuration changes you can make outside of individual
rules, for example to a policy object that is used across several
rules. |  |
Use this dashboard to measure your security posture
against Palo Alto Networks’ guidance and check for CIS Critical
Security Controls (CSC) compliance. You can share the best practice
report as a PDF and schedule it to be regularly delivered to your
inbox.
|  |
Looking for more on Palo
Alto Networks best practices?
Here’s the best practice homepage, where you can
find resources to help you transition to and implement best practices.
Keep in mind that the topics here cover best practice implementation
on a PAN-OS next-gen firewall; while the workflows and sometimes
the feature support varies from Prisma Access Cloud Management,
the best practice guidance remains the same.
