Skip to main content

PAN-OS Policy Optimizer (beta)

Download With Dependencies

This integration introduces Policy Optimizer and DAG features that are not available through the regular PAN API

Automate your AppID Adoption by using the PAN-OS Policy Optimizer (beta) integration and playbooks together with your Palo Alto Networks Next-Generation Firewall or Panorama.

What Does This Pack Do?

The Policy Optimizer integration in this content pack enables you to gain visibility into and control usage of security policy rules.

The playbooks in this pack also help you automate the following procedures to reduce the attack surface and safely enable applications on your network.

  • Identify unused rules.
  • Identify port-based rules so you can convert them to application-based rules that allow traffic or add applications to existing rules without compromising application availability.
  • Identify rules configured with unused applications.
  • Analyze rule characteristics and prioritize which rules to migrate or clean up.

As part of this pack, you also get out-of-the-box Policy Optimizer incident views, a full layout, and automation scripts. All of these are easily customizable to suit the needs of your organization.

For more information, visit our PAN-OS Policy Optimizer docs page.


Pack Contributors:

  • Maciej Drobniuch

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.


Maciej Drobniuch and Cortex XSOAR


Cortex XSOARCortex XSIAM


Supported ByCommunity
CreatedApril 22, 2021
Last ReleaseNovember 17, 2022

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.