Palo Alto Networks IDPS Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-NET-000018-IDPS-00018
Group -
SRG-NET-000077-IDPS-00062
Group -
The Palo Alto Networks security platform must produce audit records containing information to establish the source of the event, including, at a minimum, originating source address.
Associating the source of the event with detected events in the logs provides a means of investigating an attack or suspected attack. While auditing and logging are closely related, they are not t...Rule Medium Severity -
SRG-NET-000078-IDPS-00063
Group -
SRG-NET-000089-IDPS-00069
Group -
SRG-NET-000192-IDPS-00140
Group -
SRG-NET-000229-IDPS-00163
Group -
The Palo Alto Networks security platform must detect and deny any prohibited mobile or otherwise malicious code at the enclave boundary.
Mobile code is defined as software modules obtained from remote systems, transferred across a network, and then downloaded and executed on a local system without explicit installation or execution ...Rule Medium Severity -
SRG-NET-000246-IDPS-00205
Group -
The Palo Alto Networks security platform must install updates for application software files, signature definitions, detection heuristics, and vendor-provided rules when new releases are available in accordance with organizational configuration management policy and procedures.
Failing to update malicious code protection mechanisms, including application software files, signature definitions, and vendor-provided rules, leaves the system vulnerable to exploitation by recen...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.