This playbook migrates port-based rules to application-based allow rules to reduce the attack surface and safely enable applications on your network.
This playbook uses the following sub-playbooks, integrations, and scripts.
- Policy Optimizer - Add Applications to Policy Rules
- PAN-OS Commit Configuration
PANOSPolicyOptimizer
IsIntegrationAvailable
- send-notification
- closeInvestigation
- pan-os-po-no-apps
- panorama-delete-rule
- send-mail
Name | Description | Default Value | Required |
---|---|---|---|
slack_user | Slack user to notify about port based rules. | Optional | |
email_address | User email address to notify about port based rules. | Optional | |
auto_commit | Specifies whether you want to auto-commit the configuration for the PAN-OS policy changes automatically (Yes/No). | Optional |
There are no outputs for this playbook.