Detections
Analytics

CIS Palo Alto Firewall 11 v1.0.0 L2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Palo Alto Firewall 11 v1.0.0 L2

Updated: 7/29/2024

Authority: CIS

Plugin: Palo_Alto

Revision: 1.3

Estimated Item Count: 10

Audit Items

DescriptionCategories
1.1.1.2 SNMPv3 traps should be configured
1.2.5 Ensure valid certificate is set for browser-based administrator interface
1.6.3 Ensure that the Certificate Securing Remote Access VPNs is Valid
2.1 Ensure that IP addresses are mapped to usernames
2.2 Ensure that WMI probing is disabled
5.7 Choosing Wildfire public cloud region
6.16 Ensure that a Zone Protection Profile with tuned Flood Protection settings enabled for all flood types is attached to all untrusted zones
7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zone
8.3 Ensure that the Certificate used for Decryption is Trusted
CIS_Palo_Alto_Firewall_11_Benchmark_v1.0.0_L2.audit from CIS Palo Alto Firewall 11 Benchmark v1.0.0