Security Policy Best Practices
Security policy encompasses not only rules that enforce best practices access and inspection of network traffic, but also best practices for your rulebase, Policy Optimizer, and safeguarding SaaS applications and IoT devices. Learn about best practices for rule construction (including applications, users, devices, sources and destinations, logging, inspecting traffic, and controlling website access), using application groups and application filters, rulebase construction, Policy Optimizer, the App-ID Cloud Engine (ACE), SaaS and IoT Policy Recommendation, and more!
What Do You Want To Do?
Don't Trust, Verify!
Learn about Zero Trust principles and how to enact them in your network.
Explore the Best Practices Portal
The Best Practices Portal connects you to Palo Alto Networks official best practices documentation.
Lock Down Administrator Access to Firewalls & Panorama
Administrators who control your firewalls control your enterprise security. Employ least privilege access methods to ensure you control all administrator access appropriately.
Decrypt Traffic to Detect Malware
You can't protect yourself from what you can't see. Shine the light of decryption on encrypted traffic so you can inspect it and prevent malicious activity.
Transition Safely to Best Practices Security Profiles
How aggressively can you transition profiles from alerting to blocking potentially malicious traffic? What traffic can you block right away? How do you transition to blocking?
Protect Your Network from DoS Attacks
Beef up your DoS Protection, Zone protection, and packet buffer protection using best practices.