Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Palo Alto Networks

Reply
This is an open group. Sign in and click the "Join Group" button to become a group member and start posting.
Infoblox NIOS Outbound API Integration with PAN Firewall – Deployment Guide & Templates
New Member
sschuur
Posts: 10
Registered: ‎06-24-2019

‎12-18-2023 02:17 AM

sschuur
New Member
Posts: 12

We are excited to bring you the latest integration with Palo Alto Next Generation Firewall.

 

Infoblox provides PAN with IPAM data that contain IP addresses, and PAN applies security policies on groups of these IPs. This integration is built with the Infoblox Outbound REST API.

 

In addition to all the functionality provided in the previous version here, these templates add a handful of extra features for Dynamic Address Groups:

 

  1. More IPAM object support
    • You can now sync network and network container objects to the PAN firewall.
  2. Discovery & vDiscovery support
    • You can now sync discovered devices to the PAN firewall.

In the attached documents you will find the templates for the PAN Firewall integration in JSON format. The templates are provided “as-is” and should be tested in your lab environment and modified as needed before implementing them into production.

 

Find the deployment guide here.

images.icon_attachment.alt
PAN Templates.zip ‏15 KB
Reply
Re: Infoblox NIOS Outbound API Integration with PAN Firewall – Deployment Guide & Templates
New Member
aajiik
Posts: 2
Registered: ‎03-01-2024

Tuesday

aajiik
New Member
Posts: 2

I have a need to include A/AAAA records in static asset sync to Palo Alto.

However looking at the exported template schema events only these are available.

I take these are the event types supported by the current NIOS version (9.0.3), is this correct?

If so there seems to be no way for me to add the support myself?

 

"RPZ",
"IPAM",
"LEASE",
"TUNNEL",
"ADP",
"DXL",
"NETWORK_IPV4",
"NETWORK_IPV6",
"RANGE_IPV4",
"RANGE_IPV6",
"FIXED_ADDRESS_IPV4",
"FIXED_ADDRESS_IPV6",
"HOST_ADDRESS_IPV4",
"HOST_ADDRESS_IPV6",
"DISCOVERY_DATA",
"SCHEDULE",
"DNS_RECORD",
"DNS_ZONE",
"SESSION"

-AJ

Reply
0 Kudos
Re: Infoblox NIOS Outbound API Integration with PAN Firewall – Deployment Guide & Templates
Adviser
Adviser
Vadim
Posts: 172
Registered: ‎09-09-2015

Tuesday

Vadim
Adviser
Posts: 82

DNS_RECORD notification is triggered on any DNS record changes. You will need to filter out the record types you don't need

Reply
Re: Infoblox NIOS Outbound API Integration with PAN Firewall – Deployment Guide & Templates
New Member
aajiik
Posts: 2
Registered: ‎03-01-2024

Wednesday

aajiik
New Member
Posts: 2

The code is not that straightforward to read.

Are there any diagrams available which show how the code is supposed to work?

 

The templates are now in community, are there any chances that these would be moved to official support?

Reply
0 Kudos
Re: Infoblox NIOS Outbound API Integration with PAN Firewall – Deployment Guide & Templates
Moderator
Moderator
kzettel
Posts: 85
Registered: ‎06-21-2017

Wednesday

kzettel
Moderator
Moderator
Posts: 70

Hello,

 

There are no official diagrams and the closest I have to show how it works is the video.

As for community vs official support this integration will remain in the community support for now and we don't have any current plans to change it. There may be a new integration in the future that does become officially supported but not today.

 

Thank you,
Kevin Zettel

Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: