The Palo Alto Networks security platform must uniquely identify and authenticate organizational administrators (or processes acting on behalf of organizational administrators).
An XCCDF Rule
Description
To assure accountability and prevent unauthenticated access, organizational administrators must be uniquely identified and authenticated for all network management accesses to prevent potential misuse and compromise of the system.
- ID: SV-228646r961863_rule
- Severity: Medium
Remediation - Manual Procedure
Create a separate administrative account for each person who needs access to the administrative or reporting functions of the firewall.
Go to Device >> Administrators.
Select "Add" (in the lower-left corner of the pane).
Complete the required information.
In the "Name" field, enter the name of the Administrator.
Note: Accounts must identify a single person; the only exception allowed is the emergency administration account.
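One way to verify the result of this procedure, as an added example that is not part of the STIG: the script below reads an exported configuration and reports local administrator accounts that do not map to a single named person. It assumes the export is XML with local administrators listed under `mgt-config/users`; the sample configuration, the roster and the emergency account name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of an exported configuration (not from a real device).
SAMPLE_CONFIG = """<config>
  <mgt-config>
    <users>
      <entry name="admin"><permissions><role-based><superuser>yes</superuser></role-based></permissions></entry>
      <entry name="jsmith"><permissions><role-based><superuser>yes</superuser></role-based></permissions></entry>
      <entry name="noc-shared"><permissions><role-based><superreader>yes</superreader></role-based></permissions></entry>
      <entry name="breakglass"><permissions><role-based><superuser>yes</superuser></role-based></permissions></entry>
    </users>
  </mgt-config>
</config>"""

# Hypothetical roster: account name -> the one person who owns it.
ROSTER = {"jsmith": "Jane Smith", "mlee": "Min Lee"}
# Hypothetical name of the single permitted emergency administration account.
EMERGENCY_ACCOUNT = "breakglass"


def local_admins(config_xml):
    """Return the names of local administrator accounts in the export."""
    root = ET.fromstring(config_xml)
    return [e.get("name") for e in root.findall(".//mgt-config/users/entry")]


def audit_admins(config_xml, roster, emergency_account):
    """Return (account, reason) findings against the one-person-per-account rule."""
    accounts = local_admins(config_xml)
    findings = []
    for name in accounts:
        if name == emergency_account:
            continue  # the only exception the rule allows
        if name not in roster:
            findings.append((name, "account is not mapped to a single named person"))
    # A person on the roster without an account may be using someone else's.
    for name in sorted(set(roster) - set(accounts)):
        findings.append((name, "person on roster has no individual account"))
    if emergency_account not in accounts:
        findings.append((emergency_account, "emergency account not present"))
    return findings


if __name__ == "__main__":
    for account, reason in audit_admins(SAMPLE_CONFIG, ROSTER, EMERGENCY_ACCOUNT):
        print(f"{account}: {reason}")
```

The check covers only locally defined accounts; administrators authenticated through an external server need the same review against that directory.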