- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Infoblox Integration with Palo Alto Network Firewall – Demo Video, Deployment Guide and Templates
[ Edited ]- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Hello,
We are excited to announce the availability of Infoblox integration with Palo Alto Networks Firewalls.
The integration of DNS security and vulnerability scanners enables security and incident response teams to enhance visibility, manage assets, and automate remediation. You can improve your security posture while maximizing the ROI from both products. This integration is built with the Infoblox Outbound REST API.
Don’t forget to watch the quick demo video shown below:
In the attached documents you will find the templates for the Palo Alto integration in PDF and txt format. The templates are provided “as-is” and should be tested in your lab environment and modified as needed before implementing them into production.
The templates require extensible attributes described in the table below. It is recommended to inherit attributes with the default values from the network view level:
Extensible Attribute |
Description |
PaloAlto_Asset_Sync |
Serves as toggle to turn off sync for Asset events. Set default as true to turn on sync. Enable Inheritance in the setup wizard. |
PaloAlto_Asset_SyncedAt
|
Updated with timestamp on an asset event. This attribute is created on the specific IP by the WAPI call when not present. |
PaloAlto_Security_Sync
|
Serves as toggle to turn on/off sync for Security events. Enable “Inheritance” in the setup wizard and the external attribute from the network level is inherited and used. Default value can be set true. |
PaloAlto_Security_SyncedAt
|
Updated with timestamp on a security event. This attribute is created on the specific IP by the WAPI call when not present. |
the templates require Session variables described in the table below:
Session Variable |
Description |
PaloAlto_Host_Allow |
The address group object which needs to be populated on the firewall for allowed hosts. This should be the same as the address group object created through the Palo Alto configuration. Set a default value (eg: Iblox_Host_Allow). |
PaloAlto_Host_Deny |
The address group object which needs to be populated on the firewall for denied hosts. This should be the same as the address group object created through the Palo Alto configuration. Set a default value (eg: Iblox_Host_Deny). |
Re: Infoblox Integration with Palo Alto Network Firewall – Demo Video, Deployment Guide and Template
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
10-10-2018 11:44 AM
Atteched a template which supports networks IPv4 notification (NETWORK_IPV4)
The template is ugly (should be cleaned up or just recreated) but works.
Vadim
Re: Infoblox Integration with Palo Alto Network Firewall – Demo Video, Deployment Guide and Template
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
03-15-2019 02:31 AM
Hello,
did you try the integration with Palo Alto firewalls without Multi System Virtual Capability like PA-220?
Did you start with Palo Alto firewalls with Multi System Virtual Capability to simplify WAPI calls or are there some other technical reasons?
Thanks in advance
Regards
Alessandro
Re: Infoblox Integration with Palo Alto Network Firewall – Demo Video, Deployment Guide and Template
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-17-2019 06:49 AM
Hello Alessandro,
Nope the simple reason was because this was the appliance that Palo Alto provided to us to use. that's why we used it. Also, it hasn't been tested on any other appliances from my knowledge. let me know if you run into any troubles.
Thank you,
Kevin Zettel