Palo Alto Networks offers a Best Practice Assessment tool that lets you know what specific changes you’d need to make on your firewall to address the identified security shortcomings and bring your firewall up to best practice.
Because if you know what shortcomings you have in your firewall configuration, you can target fixes instead of scratching your head hoping for the best - and you’ll have the confidence to communicate to the powers that be (like your manager, the board of directors or their auditors) that you’ve run a firewall that ensures your company is secure and is well on its way to meeting any compliance requirements. And we all know, if the powers above are happy then everyone in the company is happy.
Another advantage of running a Best Practice Assessment is that you have a solid case to back you if someone queries any security issues with you. If you’re compliant, you have the grounds to say you’re doing best practice – and what could be better than that?
Security standards change over time, so reassessing your environment against the latest best practice continually is something we advise. What was best practice a year ago is not a best practice today.
Interpreting the Best Practice Assessment report is as important as running it. Just because something comes up in the report doesn’t mean it needs action. Oreta can help identify which security alerts you can park and which ones require immediate action. We can also create the necessary supporting documentation to show reasoning and justification (in case anyone questions why you decide to fix some alerts over the others). Our knowledge and expertise can save you a lot of time, and budget, in determining which fixes are more urgent than others.
The concepts in Palo Alto Networks Best Practice Assessment are common, but Oreta’s analysis goes further, not just interpreting the BPA recommendations with respect to your environment, but reviewing your firewall’s base configuration against NIST, CIS and SANS hardening recommendations; Because having a secure perimeter is the first step to having a secure environment.
With our in-house certified security experts, our staff are PCNSE (Palo Alto Networks Certified Network Security Engineer) certified so we not only know about the best ways to carry these assessments using the Palo Alto Networks tool, but we're also passionate about helping you ensure your environment is secure.
If you have any questions about a Best Practice Assessment feel free to get in touch with us.