STIGQter: STIG Summary: Palo Alto Networks ALG Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: Palo Alto Networks ALG Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-228854r557387_rule
V-228854
SRG-NET-000313-ALG-000010
PANW-AG-000078
CAT II
10
These instructions explain the steps involved, but do not provide specific details since the exact policies and expected traffic are not known.
Go to Policies >> Security
Select "Add".
In the "Security Policy Rule" window, complete the required fields.
Configure the Security Policy in accordance with the policy for the resulting decrypted traffic.
Commit changes by selecting "Commit" in the upper-right corner of the screen.
Select "OK" when the confirmation dialog appears.
If the Palo Alto Networks security platform is not used as a TLS gateway/decryption point or VPN concentrator, this is not applicable.
Go to Policies >> Decryption
Note each configured decryption policy.
Go to Policies >> Security
View the configured security policies.
If there is a decryption policy that does not have a corresponding security policy, this is a finding.
The matching policy may not be obvious, and it may be necessary for the Administrator to identify the corresponding security policy.
V-228854
False
PANW-AG-000078
If the Palo Alto Networks security platform is not used as a TLS gateway/decryption point or VPN concentrator, this is not applicable.
Go to Policies >> Decryption
Note each configured decryption policy.
Go to Policies >> Security
View the configured security policies.
If there is a decryption policy that does not have a corresponding security policy, this is a finding.
The matching policy may not be obvious, and it may be necessary for the Administrator to identify the corresponding security policy.
M
4233