API & Integration

Reply

Infoblox Integration with Palo Alto Network Firewall – Demo Video, Deployment Guide and Templates

[ Edited ]
Moderator kzettel
Moderator
Posts: 37
701     0

Hello,

 

We are excited to announce the availability of Infoblox integration with Palo Alto Networks Firewalls.

 

The integration of DNS security and vulnerability scanners enables security and incident response teams to enhance visibility, manage assets, and automate remediation. You can improve your security posture while maximizing the ROI from both products. This integration is built with the Infoblox Outbound REST API.

 

Don’t forget to watch the quick demo video shown below:

 

 

In the attached documents you will find the templates for the Palo Alto integration in PDF and txt format. The templates are provided “as-is” and should be tested in your lab environment and modified as needed before implementing them into production.

 

The templates require extensible attributes described in the table below. It is recommended to inherit attributes with the default values from the network view level:

           

Extensible Attribute

Description

PaloAlto_Asset_Sync

Serves as toggle to turn off sync for Asset events. Set default as true to turn on sync. Enable Inheritance in the setup wizard.

PaloAlto_Asset_SyncedAt

 

Updated with timestamp on an asset event. This attribute is created on the specific IP by the WAPI call when not present.

PaloAlto_Security_Sync

 

Serves as toggle to turn on/off sync for Security events. Enable “Inheritance” in the setup wizard and the external attribute from the network level is inherited and used. Default value can be set true.

PaloAlto_Security_SyncedAt

 

Updated with timestamp on a security event. This attribute is created on the specific IP by the WAPI call when not present.

 

the templates require Session variables described in the table below:

 

Session Variable

Description

PaloAlto_Host_Allow

The address group object which needs to be populated on the firewall for allowed hosts. This should be the same as the address group object created through the Palo Alto configuration. Set a default value (eg: Iblox_Host_Allow).

PaloAlto_Host_Deny

The address group object which needs to be populated on the firewall for denied hosts. This should be the same as the address group object created through the Palo Alto configuration. Set a default value (eg: Iblox_Host_Deny).

Highlighted

Re: Infoblox Integration with Palo Alto Network Firewall – Demo Video, Deployment Guide and Template

Adviser
Posts: 121
701     0

Atteched a template which supports networks IPv4 notification (NETWORK_IPV4)

The template is ugly (should be cleaned up or just recreated) but works.

 

Vadim

Showing results for 
Search instead for 
Do you mean 

Recommended for You