The Palo Alto Networks security platform must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.

An XCCDF Rule

Description

<VulnDiscussion>In order to minimize any potential negative impact to the organization caused by malicious code, malicious code must be identified and eradicated. Malicious code includes viruses, worms, Trojan horses, and Spyware.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-228847r1018772_rule
Severity: Medium
References: CCI-001240 CCI-004965
Updated: 17 days ago

If the device has authorized connectivity to the Palo Alto site, automatic updates can be used.

To schedule automatic updates:
Go to Device >> Dynamic Updates.
Select the text to the right of Schedule.
In the "Applications and Threat Updates Schedule" Window; complete the required information.In the "Recurrence" field, select the desired frequency. If the update frequency is Weekly, select which day of the week.
In the "Time" field, enter the time at which you want the device to check for updates.
For the Action, select "Download and Install".
Select "OK".
Commit changes by selecting "Commit" in the upper-right corner of the screen.
Select "OK" when the confirmation dialog appears.

To retrieve the latest signatures:
Go to Device >> Dynamic Updates.
Select "Check Now" at the bottom of the page. 

If the device does not have authorized connectivity to the Palo Alto site, a manual process must be used. If manual updates are used, an administrator must obtain updates from the Palo Alto Networks website and upload them from a workstation or server to the device.
Go to Device >> Dynamic Updates.
Select "Upload" (at the bottom of the pane).
In the Select "Package Type" for the "Upload" window in the "Package Type" field, select "anti-virus".
Browse to and select the appropriate file.
Select "OK".
Select "Install From File" (at the bottom of the pane).
In the "Select Package Type for Installation" window, select "antivirus".
Select "OK".
In the "Install Application and Threats From File" window, select the previously uploaded file.
Select "OK".

The Palo Alto Networks security platform must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.

Description

Remediation - Manual Procedure