Strata Cloud Manager
Device Setup (Management)
Table of Contents
Expand All
|
Collapse All
Strata Cloud Manager Docs
Device Setup (Management)
Learn about the device setup management tabs.
In Strata Cloud Manager, select Manage > Configuration > NGFW and Prisma
Access and set the Configuration Scope to the folder or NGFW you wish to
configure. From the scope of your folder or NGFW, select Device Settings > Device
Setup > Management.
General Settings
| General Settings | Description |
|---|---|
| Domain |
Enter the name of the network domain for the NGFW (up
to X characters).
|
| Login Banner | Enter text (up to X characters) to display on the login page below the Name and Password fields. |
| Force Admins to Acknowledge Login Banner | Select this option to display and force administrators to select I Accept and Acknowledge the Statement Below (above the login banner on the login page), which forces administrators to acknowledge that they understand and accept the contents of the message before they can Login. |
| SSL/TLS Service Profile | Assign an existing SSL/TLS service profile or create a new one to specify a certificate and the SSL/TLS protocol settings allowed on the management interface (see Objects > Certificate Management > SSL/TLS Service Profile) |
| Time Zone | Select the time zone of the NGFW. |
| Locale | Select a language for the NGFW. |
| Latitude | Enter the latitude (-90.0 to 90.0) of the NGFW. |
| Longitude | Enter the longitude (-180.0 to 180.0) of the NGFW. |
| Automatically Acquire Commit Lock | Select this option to automatically apply a commit lock when you change the candidate configuration. |
| Certificate Expiration Check | Instruct Strata Cloud Manager to create warning messages when on-box certificates approach their expiration date. This option is enabled by default. |
| Use Hypervisor Assigned Mac Addresses |
Select this option to have the VM-Series NGFW use the
MAC address that the hypervisor assigned, instead of generating
a MAC address using the PAN-OS custom schema.
If you enable this option and use an IPv6 address for
the interface, the interface ID cannot use the EUI-64 format,
which derives the IPv6 address from the interface MAC address.
In a high availability (HA) active/passive configuration, a
commit error occurs if you use the EUI-64 format.
|
| Tunnel Acceleration | Select this option to improve performance and throughput for traffic going through GRE tunnels, VXLAN tunnels, and GTP-U tunnels This option is enabled by default. |
| Fail Open | Certain NGFW models have fail-open ports that can be configured to provide a pass-through connection in the event of a power or operating system failure. This feature is disabled by default and must be enabled. |
Service Route Settings
| Service Route Settings | Description |
|---|---|
| Use Management Interface for All/Customize |
Configure your device to route all management traffic
(such as updates, logging, and administrative access) through
the dedicated management interface instead of through your
regular data interfaces. This keeps your management traffic
separate from your network traffic.
Allow you to manually specify which types of management
traffic use the management interface and which use your data
interfaces. This gives you granular control over how different
services communicate.
|
| IPV4s | The IPv4 network address or address range that your device will use for routing management service traffic. Specify an individual IP address or subnet range depending on your network configuration. |
| Destinations | Enter the Destination IP address where your device will send management traffic (such as DNS server, update server, or log collector). This determines where your device routes different types of administrative communications. |
Management Interface Settings
| Management Interface Settings | Description |
|---|---|
| Speed | Configure a data rate and duplex option for the interface. The choices include 10 Mbps, 100 Mbps, and 1 Gbps at full or half duplex. Use the default autonegotiate setting to have Strata Cloud Manager determine the interface speed. |
| MTU | Enter the maximum transmission unit (MTU) in bytes for packets sent on this interface (range is 576 to 1,500; default is 1,500). |
| IP Type |
Static—Manually enter the IPv4 or IPv6 address (or
both) and one or more default gateways, which are described
further down in this table.
DHCP Client—Configures the MGT interface as a DHCP
client so that the NGFW can send DHCP Discover or Request
messages to find a DHCP server. The server responds by providing
an IP address (IPv4), netmask (IPv4), and default gateway for
the MGT interface. DHCP on the MGT interface is turned off by
default for the VM-Series NGFW (except for the VM-Series NGFW in
AWS and Azure). If you select DHCP Client, optionally select
either or both of the following Client Options:
Send Hostname—Causes the MGT interface to send its
hostname to the DHCP server as part of DHCP Option 12.
Send Client ID—Causes the MGT interface to send its
client identifier as part of DHCP Option 61.
|
| IP Address |
Assign an IP address to the interface.
Alternatively, you can assign the IP address of a
loopback interface for NGFW management. By default, the IP
address you enter is the source address for log forwarding.
|
| Netmask | If you assigned an IPv4 address to the interface, you must also enter a network mask (for example, 255.255.255.0). |
| Default Gateway | If you assigned an IPv4 address to the interface, you must also assign an IPv4 address to the default gateway (the gateway must be on the same subnet as the interface). |
| Administrative Management Services |
HTTP uses plaintext, which isn't as secure as HTTPS.
Therefore, Palo Alto Networks recommend you enable HTTPS instead
of HTTP for management traffic on the interface.
Telnet uses plaintext, which isn't as secure as SSH.
Therefore, Palo Alto Networks recommend you enable SSH instead
of Telnet for management traffic on the interface.
|
| Network Services |
Select the services you want to enable on the
interface:
|
| Permitted IP Addresses | Enter the IP addresses from which administrators can access the NGFW through the interface. An empty list (default) specifies that access is available from any IP address. |
Services
| Services | Description |
|---|---|
| Services | |
| Update Server | Enter the hostname or IP address of the update server that provides software updates, security patches, and configuration updates for the device. |
| Verify Update Server Identity | Enable the NGFW to verify that the server from which the software or content package is downloaded has an SSL certificate signed by a trusted authority. This will help prevent man-in-the-middle attacks and ensure updates come from trusted sources. |
| DNS Settings |
Choose the type of DNS service—Servers or DNS Proxy
Object—for all DNS queries that the NGFW initiates in support of
FQDN address objects, logging, and NGFW management. Options
include:
|
| Primary DNS Server | Enter the IP address of the primary DNS server for DNS queries from the NGFW. For example, to find the update server, to resolve DNS entries in logs, or resolve FDQN-based address objects. |
| Secondary DNS Server | (Optional) Enter the IP address of a secondary DNS server to use if the primary server is unavailable. |
| Encrypted DNS Connection Type | Specify the encryption protocol for DNS queries (e.g., DNS-over-HTTPS, DNS-over-TLS) to protect DNS traffic from eavesdropping and tampering. |
| Fallback on Unencrypted DNS | Enable to determine whether the device should use standard unencrypted DNS queries if encrypted DNS connections fail. May compromise privacy but ensures connectivity. |
| TCP Timeout (sec) | Specify the maximum time in seconds to wait for a TCP-based DNS query response before considering it failed and retrying or falling back to alternative servers. |
| Minimum FQDN Refresh Time (sec) | Set a limit on how fast the NGFW refreshes FQDNs that it receives from a DNS. The NGFW refreshes an FQDN based on the TTL of the FQDN as long as the TTL is greater than or equal to this Minimum FQDN Refresh Time (in seconds). If the TTL is less than this Minimum FQDN Refresh Time, the NGFW refreshes the FQDN based on this Minimum FQDN Refresh Time (that is, the NGFW does not honor TTLs faster than this setting). The timer starts when the NGFW receives a DNS response from the DNS server or DNS proxy object resolving the FQDN (range is 0 to 14,400; default is 30). A setting of 0 means the NGFW will refresh the FQDN based on the TTL value in the DNS and does not enforce a minimum FQDN refresh time. |
| FQDN Stale Entry Timeout (min) | Specify the length of time (in minutes) that the NGFW continues to use stale FQDN resolutions in the event of a network failure or unreachable DNS server —when an FQDN is not getting refreshed (range is 0 to 10,080; default is 1,440). A value of 0 means the NGFW does not continue to use a stale entry. If the DNS server is still unreachable at the end of the state timeout, the FQDN entry becomes unresolved (stale resolutions are removed). |
| Server | If the NGFW needs to use a proxy server to reach Palo Alto Networks update services, enter the IP address or host name of the proxy server. |
| Port | Enter the port for the proxy server. |
| User | Enter the username for the administrator to enter when accessing the proxy server. |
| Password/Confirm Password | Enter and confirm the password for the administrator to enter when accessing the proxy server. |
| Proxy for Cloud Services |
Enable all communication with cloud-based services
(such as software updates, telemetry, licensing servers, and
remote management platforms) to be routed through the specified
proxy server rather than connecting directly to the
internet.
This is commonly required in corporate environments
where direct internet access is restricted or where traffic
inspection is mandatory for security compliance.
|
| Proxy for Inline Cloud Services | Separate proxy configuration specifically for inline cloud services that may require different routing or authentication than general cloud services. |
Identity Settings
| Identity Settings | Description |
|---|---|
| Collector Interface | Specify the network interface designated for collecting and aggregating log data, telemetry, and monitoring information from network traffic or connected devices. |
Dynamic Updates Scheduler
| Dynamic Update Scheduler | Description |
|---|---|
| Recurrence | Define the schedule pattern (daily, weekly, monthly) for automated tasks such as updates, backups, or maintenance operations. |
| Minutes Past Hour | Specify the exact minute offset within each hour when scheduled tasks should execute (e.g., 15 minutes past every hour would run at 1:15, 2:15, etc.). |
| Action |
Download Only—Strata Cloud Manager will download the
scheduled update. You must manually install the update on NGFWs
and Log Collectors.
Download and Install—Strata Cloud Manager will download
and automatically install the scheduled update.
Download and SCP—Strata Cloud Manager will download and
transfer the content update package to the specified SCP
server.
|
|
Disable New Apps in Content Update
(Applications and Threats)
|
You can disable new apps in content updates only if you
set the update Type to App or App and Threat and only if Action
is set to Download and Install.
Select to disable applications in the update that are
new relative to the last installed update. This protects against
the latest threats while giving you the flexibility to enable
the applications after preparing any policy updates. Then, to
enable applications, log in to the NGFW, select DeviceDynamic
Updates, click Apps in the Features column to display the new
applications, and click Enable/Disable for each application you
want to enable.
|
| Threshold (hours) | The time duration in hours that must elapse before a specified action is triggered or a condition is considered met. |
|
New App-ID Threshold (hours)
(Applications and Threats)
| Specify the window in hours during which newly discovered application identifiers are considered "new" before being integrated into standard threat detection processes. |
| Sync to Peer | Enables synchronization of configuration, policies, or state information with peer devices in a high-availability or clustered deployment. |
Authentication and Accounting Settings
| Authentication and Account Settings | Description |
|---|---|
| Authentication Profile | Select the authentication profile (or sequence) the NGFW uses to authenticate administrative accounts that you define on an external server instead of locally on the NGFW (see Device > Authentication Profile). When external administrators log in, the NGFW requests authentication and authorization information (such as the administrative role) from the external server. |
| Authentication Profile (Non-UI) | Specify the authentication method and credentials used for programmatic or API-based access that doesn't involve the web user interface. |
| Certificate Profile | Select a certificate profile to verify the client certificates of administrators who are configured for certificate-based access to the NGFW web interface. For instructions on configuring certificate profiles, see |
| Accounting Server Profile | Configure the RADIUS or TACACS+ accounting servers that log user authentication events, session duration, and resource usage for auditing purposes. |
| Idle Timeout (min) | Enter the maximum time (in minutes) without any activity on the web interface or CLI before an administrator is automatically logged out (range is 0 to 1,440; default is 60). A value of 0 means that inactivity does not trigger an automatic logout. |
| API Key Lifetime (min) |
Enter the length of time (in minutes) for which the API
key is valid (range is 0 to 525,600; default is 0). A value of 0
means that the API key never expires.
Expire All API Keys to invalidate all previously
generated API keys. Use this option with caution because all
existing keys are rendered useless and any operation where you
are currently using those API keys will stop functioning.
|
| API Key Certificate | Select a certificate that will utilize the PAN-OS device certificate management function to encrypt the API key. |
| Failed Attempts | Enter the number of failed login attempts (0 to 10) that the NGFW allows for the web interface and CLI before locking out the administrator account. A value of 0 specifies unlimited login attempts. The default value is 0 for NGFWs in normal operational mode and 10 for NGFWs in FIPS-CC mode. Limiting login attempts can help protect the NGFW from brute force attacks. |
| Lockout Time (min) | Enter the number of minutes (range is 0 to 60) for which the NGFW locks out an administrator from access to the web interface and CLI after reaching the Failed Attempts limit. A value of 0 (default) means the lockout applies until another administrator manually unlocks the account. |
| Max Session Count (number) | Enter the number of concurrent sessions allowed for all administrator and user accounts (range is 0 to 4). A value of 0 (default) means that an unlimited amount of concurrent sessions are allowed. |
| Mass Session Time (min) | Enter the number of minutes (range is 60 to 1,499) that an active, non-idle administrator can remain logged in. Once this max session time is reached, the session is terminated and requires re-authentication to begin another session. The default value is set to 0 (30 days), which cannot be manually entered. If no value is entered, the Max Session Time defaults to 0. |
Aux1 and Aux2 Interface Settings
| Aux1 and Aux2 Interface Settings | Description |
|---|---|
| Enable Interface | Activates or deactivates the specified network interface for data transmission. |
| IP Address | Assign an IP address to the interface. Alternatively, you can assign the IP address of a loopback interface for NGFW management. By default, the IP address you enter is the source address for log forwarding. |
| Netmask | If you assigned an IP address to the interface, you must also enter a network mask (for example, 255.255.255.0). |
| Default Gateway | If you assign an IP address to the interface, you must also assign an IPv4 address to the default gateway (the gateway must be on the same subnet as the interface). |
| Speed | Configure a data rate and duplex option for the interface. The choices include 10Mbps, 100Mbps, and 1Gbps at full or half duplex. Use the default auto-negotiate setting to have the NGFW determine the interface speed. |
| MTU | Enter the maximum transmission unit (MTU) in bytes for packets sent on this interface (range is 576 to 1,500; default is 1,500). |
| Administrative Management Services |
HTTP uses plaintext, which is not as secure as HTTPS.
Therefore, Palo Alto Networks recommend you enable HTTPS instead
of HTTP for management traffic on the interface.
Telnet uses plaintext, which is not as secure as SSH.
Therefore, Palo Alto Networks recommend you enable SSH instead
of Telnet for management traffic on the interface.
|
| Network Services |
Select the services you want to enable on the
interface:
|
| Permitted IP Addresses | Enter the IP addresses from which administrators can access the NGFW through the interface. An empty list (default) specifies that access is available from any IP address. |
Banners and Messages
| Banner and Messages | Description |
|---|---|
| Message of the Day |
Select this option to enable the Message of the Day
dialog to display when an administrator logs in to the web
interface.
Enter the text (up to 3,200 characters) for the Message
of the Day dialog.
|
| Allow Do Not Display Again | Select this option (disabled by default) to include a Do not show again option in the Message of the Day dialog. This gives administrators the option to avoid seeing the same message in subsequent logins. |
| Title | Enter text for the Message of the Day header (default is Message of the Day). |
| Background Color | Select a background color for the Message of the Day dialog. The default (None) is a white background. |
| Icon |
Select a predefined icon to appear above the text in
the Message of the Day dialog:
|
| Header Banner | Enter the text that the header banner displays (up to 3,200 characters). |
| Header Color | Select a color for the header background. The default (None) is a transparent background. |
| Header Text Color | Select a color for the header text. The default (None) is black. |
| Same Banner for Header and Footer | Select this option (enabled by default) if you want the footer banner to have the same text and colors as the header banner. When enabled, the fields for the footer banner text and colors are grayed out. |
| Footer Banner | Enter the text that the footer banner displays (up to 3,200 characters). |
| Footer Color | Select a color for the footer background. The default (None) is a transparent background. |
| Footer Text Color | Select a color for the footer text. The default (None) is black. |
SNMP Settings
| SNMP Settings | Description |
|---|---|
| Physical Location | Specify the physical location of the NGFW. When a log or trap is generated, this information allows you to identify (in an SNMP manager) the NGFW that generated the notification. |
| Contact | Enter the name or email address of the person responsible for maintaining the NGFW. This setting is reported in the standard system information MIB. |
| Use Event-Specific Trap Definitions | This option is selected by default, which means the NGFW uses a unique OID for each SNMP trap based on the event type. If you clear this option, every trap will have the same OID. |
| Version |
Select the SNMP version: V2c (default) or V3. Your
selection controls the remaining fields that the dialog
displays.
|
| SNMP Community String (V2C) |
Enter the community string, which identifies an SNMP
community of SNMP managers and monitored devices and also serves
as a password to authenticate the community members to each
other when they exchange SNMP get (statistics request) and trap
messages. The string can have up to 127 characters, accepts all
characters, and is case-sensitive.
Don’t use the default community string public. Because
SNMP messages contain community strings in clear text, consider
the security requirements of your network when defining
community membership (administrator access).
|
| Views (V3) | You can assign a group of one or more views to the user of an SNMP manager to control which MIB objects (statistics) the user can get from the NGFW. Each view is a paired OID and bitwise mask: the OID specifies a MIB and the mask (in hexadecimal format) specifies which objects are accessible within (include matching) or outside (exclude matching) that MIB. |
| Users (V3) |
SNMP user accounts provide authentication, privacy, and
access control when NGFWs forward traps and SNMP managers get
NGFW statistics. For each user, click Add and configure the
following settings:
|
Minimum Password Complexity
| Minimum Password Complexity | Description |
|---|---|
| Enabled | Enable minimum password requirements for local accounts. With this feature, you can ensure that local administrator accounts on the NGFW will adhere to a defined set of password requirements. |
| Password Format Requirements |
There are no restrictions on any password field
character sets.
Commonly used words and phrases are not allowed as
passwords, regardless of any combination of upper and lower case
letters.
|
| Minimum Length | Require a minimum password length (range is 1 to 16 characters). |
| Minimum Uppercase Letters | Require a minimum number of uppercase letters (ranges is 0 to 16 characters). |
| Minimum Lowercase Letters | Require a minimum number of lowercase letters (range is 0 to 16 characters). |
| Minimum Numeric Letters | Require a minimum number of numeric letters (range is 0 to 16 numbers). |
| Minimum Special Characters | Require a minimum number of special (non-alphanumeric) characters (range is 0 to 16 characters). |
| Block Repeated Characters |
Specify the number of sequential duplicate characters
permitted in a password (range is 3 to 16).
If you set the value to 3, the password can contain the
same character in sequence three times but if the same character
is used four or more times in sequence, the password is not
permitted.
For example, if the value is set to 3, the system will
accept the password test111 or 111test111, but not test1111,
because the number 1 appears four times in sequence.
|
| Block Username Inclusion (Including Reversed) | Select this option to prevent the account username (or reversed version of the name) from being used in the password. |
| Functionality Requirements | Defines the operational and behavioral rules that passwords must follow beyond basic format complexity to ensure secure password management practices. This setting establishes functional constraints and policies for password usage. |
| New Password Differs by Character | When administrators change their passwords, the characters must differ by the specified value. |
| Require Password Change on First Login | Select this option to prompt administrators to change their passwords the first time they log in to the NGFW. |
| Prevent and Reuse Limit | Require that a previous password is not reused based on the specified count. For example, if the value is set to 4, you could not reuse any of your last 4 passwords (range is 0 to 50). |
| Block Password Change Period (days) | Users cannot change their passwords until the specified number of days is reached (range is 0 to 365 days). |
| Required Password Change Period (days) | Require that administrators change their password on a regular basis (in days) (range is 0 to 365). For example, if the value is set to 90, administrators are prompted to change their password every 90 days.You can also set an expiration warning from 0 to 30 days and specify a grace period. |
| Expiration Warning Period (days) | If a Required Password Change Period is set, you can use this Expiration Warning Period to prompt users at each log in to change their password when there are less than a specified number of days remaining before the required change date (range is 0 to 30). |
| Post Expiration Admin Login Count | Allow the administrator to log in a specified number of times after the required change date (range is 0 to 3). For example, if you set this value to 3 and their account has expired, they can log in 3 more times without changing their password before their account is locked out. |
| Post Expiration Grace Period (days) | Allow the administrator to log in for a specified number of days after the account has expired (range is 0 to 30). |
LLDP
| LLDP | Description |
|---|---|
| Enable | Enable the Link Layer Discovery Protocol (LLDP). |
| Transmit Interval (sec) | Specify the interval (in seconds) at which LLDPDUs are transmitted. Range is 1 to 3600; default is 30. |
| Transmit Delay (sec) |
Specify the delay time (in seconds) between LLDP
transmissions sent after a change is made in a TLV element.
The Transmit Delay must be less than the Transmit
Interval. Range is 1 to 600; default is 2.
|
| Hold Time Multiple | Specify a value that is multiplied by the Transmit Interval to determine the total TTL Hold Time. Range is 1 to 100; default is 4. |
| Notification Interval | Specify the interval (in seconds) at which LLDP Syslog Messages and SNMP Traps are transmitted when MIB changes occur. Range is 1 to 3600; default is 5. |
Policy Rulebase Settings
| Policy Rulebase Settings | Description |
|---|---|
| Require Tag on Policies | Requires at least one tag when creating a new policy rule. If a policy rule already exists when you enable this option, you must add at least one tag the next time you edit the rule. |
| Require Description on Policies | Requires that you add a Description when you create a new policy rule. If a policy rule already exists when you enable this option, you must add a Description the next time you edit the rule. |
| Fall Commit if Policies Have No Tags or Descriptions |
Forces your commit to fail if you do not add any tags
or a description to the policy rule. If a policy rule already
exists when you enable this option, the commit will fail if no
tag or description are added the next time you edit the
rule.
To fail the commit, you must Require tag on policies or
Require description on policies.
|
| Require Audit Comment on Policies | Requires Audit Comment when creating a new policy rule. If a policy rule already exists when you enable this option, you must add Audit Comment the next time you edit the rule. |
| Audit Comment Regular Expression | Specify requirements for the comment format parameters in audit comments. |
| Wildcard Top Down Match Mode | When Wildcard Top Down Match Mode is enabled, when a packet matches Security policy rules that use a source or destination IP address with wildcard mask and the masks overlap, the NGFW chooses the first of those matching rules (in top-down order) that fully matches all address bits based on masking. The default is disabled; in the event of matching overlapping wildcard masks, the NGFW chooses the rule with the longest matching prefix in the wildcard mask. |
| Policy Rule Hit Count | Tracks how often traffic matches the policy rules you configured on the NGFW. When enabled, you can view the total Hit Count for total traffic matches against each rule along with the date and time when the rule was Created, Modified, was First Hit and Last Hit. |
| Policy Application Usage | Define how security policies are applied to and enforced on network applications and traffic flows. This setting controls the scope and behavior of policy rules when evaluating application-specific traffic. |
Log Interface
| Log Interface | Description |
|---|---|
| IP Address | Enter the IP address of the log interface port. |
| Netmask | Specify the network mask for the IP address of the log interface. |
| Default Gateway | Enter IP address of the default gateway to enable the path for outgoing log. |
| IPv6 Address | The IPv6 address of the log interface port. |
| IPv6 Default Gateway | The IPv6 address of the default gateway for the port. |
| Link Speed | Select the interface speed in Mbps or select auto (default) to have the NGFW automatically determine the speed based on the connection. For interfaces that have a non-configurable speed, auto is the only option. |
| Link Duplex | Select whether the interface transmission mode is full-duplex (full), half-duplex (half), or negotiated automatically (auto). |
| Link State | Select whether the interface status is enabled (up), disabled (down), or determined automatically based on the connection (auto). The default is auto. |
Custom Logos
| Custom Logos | Description |
|---|---|
| Login Screen | Upload an image for the login screen. |
| Main UI | Upload an image for the UI. |
| PDF Report Title Page | Upload an image for the report title page. |
| PDF Report Footer | Upload an image for the report footer. |
PAN-OS Edge Service Settings
| PAN-OS Edge Service Settings | Description |
|---|---|
| Enable User Context Cloud Service | Enable the service that the Cloud Identity Engine uses to communicate with your NGFW. |
| Enable Host Compliance Cloud Service | Activate the cloud-based host compliance monitoring service that continuously assesses and validates the security posture of endpoint devices connecting to the network. |
SSH Management Profile Settings
| SSH Management Profile Settings | Description |
|---|---|
| Server Profile | A type of SSH service profile that applies to the SSH sessions for the CLI management connections on your network. To apply an existing server profile, select a profile, click OK, and Commit your change. |
Logging and Reporting Settings
| Logging and Reporting Settings | Description |
|---|---|
| Improved DNS Logging | Enable enhanced DNS query logging that captures additional metadata such as query types, response codes, and client information for better security analysis. |
ACE Settings
| ACE Settings | Description |
|---|---|
| Disable App-ID Cloud Engine |
Disable the App-ID Cloud Engine (ACE). ACE is enabled
by default. To disable ACE, click the check box so that ACE is
not enabled.
|
PAN-OS Security
| PAN-OS Security | Description |
|---|---|
| Device Security Settings–System Behavior When Security Violation Detected |
Define the device's response when security threats or
policy violations are detected, such as blocking traffic,
generating alerts, initiating quarantine procedures, or
triggering automated remediation actions.
|