Skip to main content

PAN-OS Policy Optimizer (beta)

Download With Dependencies

This integration introduces Policy Optimizer and DAG features that are not available through the regular PAN API

Automate your AppID Adoption by using the PAN-OS Policy Optimizer (beta) integration and playbooks together with your Palo Alto Networks Next-Generation Firewall or Panorama.
This integration was integrated and tested with Panorama version 10.1.10.

What Does This Pack Do?

The Policy Optimizer integration in this content pack enables you to gain visibility into and control usage of security policy rules.

The playbooks in this pack also help you automate the following procedures to reduce the attack surface and safely enable applications on your network.

  • Identify unused rules.
  • Identify port-based rules so you can convert them to application-based rules that allow traffic or add applications to existing rules without compromising application availability.
  • Identify rules configured with unused applications.
  • Analyze rule characteristics and prioritize which rules to migrate or clean up.

As part of this pack, you also get out-of-the-box Policy Optimizer incident views, a full layout, and automation scripts. All of these are easily customizable to suit the needs of your organization.

For more information, visit our PAN-OS Policy Optimizer docs page.

Policy_Optimizer_-_Manage_Unused_Rules

Pack Contributors:


  • Maciej Drobniuch

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.

Automate your AppID Adoption by using the PAN-OS Policy Optimizer (beta) integration and playbooks together with your Palo Alto Networks Next-Generation Firewall or Panorama.
This integration was integrated and tested with Panorama version 10.1.10.

What Does This Pack Do?

The Policy Optimizer integration in this content pack enables you to gain visibility into and control usage of security policy rules.

The playbooks in this pack also help you automate the following procedures to reduce the attack surface and safely enable applications on your network.

  • Identify unused rules.
  • Identify port-based rules so you can convert them to application-based rules that allow traffic or add applications to existing rules without compromising application availability.
  • Identify rules configured with unused applications.
  • Analyze rule characteristics and prioritize which rules to migrate or clean up.

As part of this pack, you also get out-of-the-box Policy Optimizer incident views, a full layout, and automation scripts. All of these are easily customizable to suit the needs of your organization.

For more information, visit our PAN-OS Policy Optimizer docs page.

Policy_Optimizer_-_Manage_Unused_Rules

Pack Contributors:


  • Maciej Drobniuch

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Supported ByCommunity
CreatedApril 22, 2021
Last ReleaseJuly 9, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.