Select your country

Not finding what you are looking for, select your country from our regional selector:


Full Best Practices Assessment

Palo Alto Networks

Do you have a state-of-the-art firewall from Palo Alto Networks today?

In this rapidly-evolving technological world, it is crucial to check whether your firewall can still face current and future threats. Our Palo Alto experts have created a checklist with 7 items to help you protect your organization.

Go to the checklist

Palo Alto Networks’ Best Practice Assessment (BPA) tool

Palo Alto Networks created a Best Practice Assessment (BPA) Tool to check whether your firewall is still Next-Generation. The BPA tool performs more than 200 security checks on a firewall or the Panorama central management configuration and provides a pass/fail score for each check.

The Best Practices Assessment uses the configuration files from your Palo Alto Networks Next-Generation Firewall(s) to produce a heatmap and a list of recommendations. The heatmap provides a detailed overview of the adoption of security capabilities like App-ID, User-ID, Threat Prevention, URL Filtering, WildFire and Logging on your firewall.

According to Gartner research, 95% of all firewall breaches are caused by misconfiguration, not flaws. It is essential to adhere your firewall configuration to the evolving best practices on a regular basis in order to keep the security posture of your Next-Generation Firewall at a maximized level.

The Best Practices tool has the following features:

  • It evaluates a device’s configuration by measuring the adoption of your firewall’s security capabilities like App-ID, User-ID, Threat Prevention, URL Filtering, WildFire, and Logging;
  • It validates whether the policies adhere to best practices & compares against industry standards; The Best Practices Assessment tool performs more than 200 checks and compares industry averages in your sector based on all other Best Practice Assessment checks worldwide.
  • It provides recommendations and instructions on how to remediate failed best practice checks;
  • It benchmarks against CIS Top 20 Critical Security Controls.

The outcome of the BPA tool is an excellent starting point for a more secure and consistent configuration of your firewall. Best practices, however, always depend on a specific environment. That is why an experienced consultant should always interpret your results.

At Orange Cyberdefense, we add an extra layer of expert advice to the results of the Palo Alto Networks BPA tool in a detailed report.

This report includes:

  • An executive summary,
  • Prioritized recommendations customized to your environment

These recommendations are based on a set of configuration best practices developed by Orange Cyberdefense called ‘TheOrange Cyberdefense Project Approach’. This approach helps you to bring your firewall to a maximized level of security.

Some best practice examples are:

  • Convert the layer 4 security rule base to an application security rule base;
  • Enhance threat protection profiles;
  • Apply URL-filtering best practices;
  • Enhance SSL decryption visibility;
  • Apply threat intelligence in security policies;
  • Integrate with other security components.

Incident Response Hotline

Facing cyber incidents right now?

Contact our 24/7/365 world wide service incident response hotline.