Skip to main content

Palo Alto Networks NGFW

palo-alto-networks-ngfw

Version: 1.4 Updated: May 29, 2024

Issue containment actions during incident investigation through Palo Alto NGFW.

Actions

  • List Applications (Enrichment) - List all applications.
  • Block IP (Containment) - Block traffic in the specified direction to/from the specified IP.
  • Unblock IP (Containment) - Remove block in the specified direction to/from the specified IP.
  • Block URL (Containment) - Block traffic to/from the specified URL.
  • Unblock URL (Containment) - Remove block to/from the specified URL.
  • Block Port (Containment) - Block traffic from the specified protocol to/from the port.
  • Unblock Port (Containment) - Remove block on the specified protocol to/from the port.
  • Block Application (Containment) - Block traffic to/from specified application.
  • Unblock Application (Containment) - Remove block on specified application.

External Libraries

Change Log

  • January 14, 2020 - First upload
  • July 11, 2023 (v1.3)
    • Updated the integration with Environmental Variables
    • Integration renamed from Palo Alto Networks NGFW OIF to Palo Alto Networks NGFW
  • May 29, 2024 (v1.4) - Docker updated
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.