| 2.1 Ensure that IP addresses are mapped to usernames - User ID Agents | CIS Palo Alto Firewall 7 Benchmark L2 v1.0.0 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Ensure that IP addresses are mapped to usernames - User ID Agents | CIS Palo Alto Firewall 6 Benchmark L2 v1.0.0 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Ensure that IP addresses are mapped to usernames - User ID Agents | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.1 Ensure that IP addresses are mapped to usernames - Zones | CIS Palo Alto Firewall 6 Benchmark L2 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 2.1 Ensure that IP addresses are mapped to usernames - Zones | CIS Palo Alto Firewall 7 Benchmark L2 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 2.1 Ensure that IP addresses are mapped to usernames - Zones | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2 Ensure that WMI probing is disabled | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 2.3 Ensure that User-ID is only enabled for internal trusted interfaces | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 2.4 Ensure that 'Include/Exclude Networks' is used if User-ID is enabled | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 5.5 Ensure all WildFire session information settings are enabled | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.5 Ensure all WildFire session information settings are enabled | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.5 Ensure all WildFire session information settings are enabled | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 5.6 Ensure alerts are enabled for malicious files detected by WildFire | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.6 Ensure alerts are enabled for malicious files detected by WildFire | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire' | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - Log Container Page | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - Log Container Page | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - Log Container Page | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - Referer | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - Referer | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - Referer | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - User-Agent | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - User-Agent | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - User-Agent | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-For | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-For | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-For | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 7.3 Ensure 'Security Policy' denying any/all traffic exists at the bottom of the security policies ruleset | CIS Palo Alto Firewall 6 Benchmark L2 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure 'Security Policy' denying any/all traffic exists at the bottom of the security policies ruleset | CIS Palo Alto Firewall 7 Benchmark L2 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
