PANW-AG-000065 - The Palo Alto Networks security platform must automatically update malicious code protection mechanisms - Schedule

Information

Remote access is access to DOD nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include broadband and wireless connections. Remote access methods include, for example, proxied remote encrypted traffic (e.g., TLS gateways, web content filters, and webmail proxies).

Solution

Go to Device >> Dynamic Updates; select 'Check Now' at the bottom of the page to retrieve the latest signatures.
To schedule automatic signature updates. Note: The steps provided below do not account for local change management policies.
Go to Device >> Dynamic Updates; select the text to the right of Schedule.
In the 'Applications and Threat Updates Schedule' window; complete the required information.
In the 'Recurrence' field, select Daily.
In the 'Time' field, enter the time at which you want the device to check for updates.
For the Action, select 'Download and Install'.
Select 'OK'.
Commit changes by selecting 'Commit' in the upper-right corner of the screen. Select 'OK' when the confirmation dialog appears.

If using Dynamic Updates is not possible due to mission requirements, implement a manual process.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_PAN_Y24M07_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3b., CAT|II, CCI|CCI-004964, Rule-ID|SV-228851r997597_rule, STIG-ID|PANW-AG-000065, STIG-Legacy|SV-77073, STIG-Legacy|V-62583, Vuln-ID|V-228851

Plugin: Palo_Alto

Control ID: 91cd303c45003dea91869ab109707d87ce1e36d40a44e41637c3a2bfdc902f23