Security Policy Best Practices
Security policy best practices include planning, deploying,
and maintaining the rulebase.
Security policy determines what traffic
you allow on your network and how to treat that traffic. Security
policy best practices limit the traffic you allow to only sanctioned
traffic required for your business and tolerated traffic for your
employees. This reduces the attack surface and helps safeguard your
network and your business assets. This document takes the viewpoint
of what to do for the best network security, whether your business is
security-first or mission-critical-availability-first.
Security policy best practices follow the principle of least
privilege, which means that only people who need access to specific
applications, data, and infrastructure are granted access, and that
traffic is decrypted, inspected, and logged appropriately to protect
assets, intellectual property, and other things that are critical
to your business. All other access increases risk without achieving
business goals.
This book contains streamlined, step-by-step best practices for
how to:
Steps that require configuration or for which there is in-depth
conceptual information include links to the appropriate documentation
for details. Learn about the features, capabilities, and operation of
Palo Alto Networks products in the product administrator’s guides, release
notes, upgrade guides, interconnect guides, etc., which are available
on the technical documentation home page:
Refer to the Palo Alto Networks series of
best practices books for
advice on subjects such as decryption, DoS and Zone
Protection (including Packet Buffer Protection), and much more.