Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PAN-OS - DNS Sinkhole #27700

Merged
merged 16 commits into from
Aug 9, 2023
Merged

PAN-OS - DNS Sinkhole #27700

Show file tree
Hide file tree
Changes from 14 commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
c5ff17a
Added playbooks, tests, images, and formatted
idovandijk Jun 22, 2023
8453796
Merge branch 'master' of github.com:demisto/content into pan-os-dns-s…
idovandijk Jun 22, 2023
d1e7243
fixed conf.json and updated playbook description
idovandijk Jun 22, 2023
cc44668
Fixed validation issues in both playbooks
idovandijk Jun 22, 2023
23b7354
Added READMEs and release notes
idovandijk Jun 22, 2023
7555f8c
Merged from master while keeping existing pack version (I am upping i…
idovandijk Jul 17, 2023
21c2bc9
Merge branch 'master' of github.com:demisto/content into pan-os-dns-s…
idovandijk Jul 17, 2023
7c6705a
Removed old files, added new files, docs, pb images, and new RN. Also…
idovandijk Jul 18, 2023
3de9246
Merge branch 'master' of github.com:demisto/content into pan-os-dns-s…
idovandijk Jul 18, 2023
150b1b9
Merged changes from master
idovandijk Aug 7, 2023
d76f4d3
Updated playbook with fixes, pb image, and pb readme
idovandijk Aug 7, 2023
0234c5b
Merge branch 'master' into pan-os-dns-sinkhole
idovandijk Aug 8, 2023
4e33c5e
Fixed test configurations for playbooks
idovandijk Aug 8, 2023
839f8c6
Fixed test configuration in conf.json to use FW and not Panorama
idovandijk Aug 8, 2023
3046d4c
Apply suggestions from tech docs
idovandijk Aug 9, 2023
2c8f756
Merge branch 'master' into pan-os-dns-sinkhole
idovandijk Aug 9, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1,042 changes: 1,042 additions & 0 deletions Packs/PAN-OS/Playbooks/PAN-OS_-_Add_Anti-Spyware_Security_Profile_To_Rule.yml
View file
Open in desktop

Large diffs are not rendered by default.

58 changes: 58 additions & 0 deletions ...s/PAN-OS/Playbooks/PAN-OS_-_Add_Anti-Spyware_Security_Profile_To_Rule_README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
This playbook is designed to enhance the security level in PAN-OS firewalls by safely adding an Anti-Spyware security profile to a security rule.

The playbook provides control over the behavior when a rule:
- Already has an Anti-Spyware profile
- Uses a security profile group, with or without an Anti-Spyware profile

The output of the playbook is the Anti-Spyware profile configured for the rule upon playbook completion. This can be:
- The initial profile, if untouched
- A newly overwritten profile
- A newly added profile


## Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

### Sub-playbooks

This playbook does not use any sub-playbooks.

### Integrations

* Panorama
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Panorama
Panorama


### Scripts

* SetAndHandleEmpty
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* SetAndHandleEmpty
SetAndHandleEmpty


### Commands

* pan-os-get-security-profiles
* pan-os-create-anti-spyware-best-practice-profile
* pan-os-apply-security-profile
* pan-os-list-rules

## Playbook Inputs

---

| **Name** | **Description** | **Default Value** | **Required** |
| --- | --- | --- | --- |
| RuleName | The name of the rule to which the Security Profile should be added. | | Required |
| SecurityProfileName | The name of the Security Profile that should be added to the rule. If it doesn't exit, one will be created with the name specified here. | | Required |
| OverwriteProfileIfExists | Whether to overwrite an existing Anti-Spyware Security Profile.<br/>If an Anti-Spyware Security Profile is configured to the rule through a group of profiles and not a single profile, setting this input's value to True will overwrite the existing profile within the group instead of applying the profile and overwriting the whole group.<br/><br/>Possible values are: True to overwrite, False to keep existing. | False | Required |

## Playbook Outputs

---

| **Path** | **Description** | **Type** |
| --- | --- | --- |
| AntiSpywareProfileNameApplied | The name of the Anti-Spyware Security Profile that is applied to the rule. The value could be the name of the profile that was added, overwritten with, or left untouched - for the specified rule. | unknown |

## Playbook Image

---

![PAN-OS - Add Anti-Spyware Security Profile To Rule](../doc_files/PAN-OS_-_Add_Anti-Spyware_Security_Profile_To_Rule.png)