6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in use

Information

Enable passive DNS monitoring within all anti-spyware profiles in use.
Rationale:
Enabling passive DNS monitoring improves PAN's threat prevention and threat intelligence capabilities. This is performed without source information delivered to PAN to ensure sensitive DNS information of the organization is not compromised.

Solution

Navigate to Objects > Security Profiles > Anti-Spyware Policies > Security.
For each anti-spyware profile in use, set the Enable Passive DNS Monitoring box under the DNS Signatures tab to be checked.
Default Value:
Not Configured

See Also

https://workbench.cisecurity.org/files/1780

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-4(4), CSCv6|8.5, CSCv6|8.6

Plugin: Palo_Alto

Control ID: e0cc68f120e5ce87d1cf5d27e765e42dc2b5fcc76327277f012e1a3c6b0d02e2