Vertical-themed Portals
Table of Contents
Expand all | Collapse all
-
- Firewall and PAN-OS Support of IoT Security
- IoT Security Prerequisites
- Onboard IoT Security
- Onboard IoT Security on VM-Series with Software NGFW Credits
-
- DHCP Data Collection by Traffic Type
- Firewall Deployment Options for IoT Security
- Configure a Pre-PAN-OS 10.0 Firewall with a DHCP Server
- Configure a Pre-PAN-OS 10.0 Firewall for a Local DHCP Server
- Use a Tap Interface for DHCP Visibility
- Use a Virtual Wire Interface for DHCP Visibility
- Use SNMP Network Discovery to Learn about Devices from Switches
- Use Network Discovery Polling to Discover Devices
- Use ERSPAN to Send Mirrored Traffic through GRE Tunnels
- Use DHCP Server Logs to Increase Device Visibility
- Plan for Scaling when Your Firewall Serves DHCP
- Prepare Your Firewall for IoT Security
- Configure Policies for Log Forwarding
- Control Allowed Traffic for Onboarding Devices
- Support Isolated Network Segments
- IoT Security Integration with Prisma Access
- IoT Security Licenses
- Offboard IoT Security Subscriptions
-
- Introduction to IoT Security
- IoT Security Integration with Next-generation Firewalls
- IoT Security Portal
- Vertical-themed Portals
- Device-to-Site Mapping
- Sites and Site Groups
- Networks
- Network Segments Configuration
- Reports
- IoT Security Integration Status with Firewalls
- IoT Security Integration Status with Prisma Access
- Data Quality Diagnostics
- Authorize On-demand PCAP
- IoT Security Integrations with Third-party Products
- IoT Security and FedRAMP
Vertical-themed Portals
The IoT Security portal has different themes based on
the selected business vertical.
The IoT Security portal changes to better serve users
in different industries. The portal theme that users in a given
IoT Security tenant see depends on two choices:
- The IoT Security product chosen upon purchase
- The theme chosen by an IoT Security tenant owner
Portal Themes
IoT Security provides four differently themed portals
for enterprise, industrial, and medical verticals:
- Enterprise IoT Security Plus
- Enterprise IoT Security
- Industrial IoT Security
- Medical IoT Security
Enterprise
IoT Security offers two products for enterprise IoT: Enterprise
IoT Security Plus and Enterprise IoT Security.
Enterprise IoT Security Plus is the solution for commercial enterprises
and government organizations. It lets you see and secure every IoT
device in your enterprise organization to meet NIST guidelines.
It also helps prevent your IoT devices from becoming the target
of cyberattacks. With Enterprise IoT Security Plus, you can do the
following:
- Automatically classify devices with over 50 device attributes
- View, edit, confirm, and reclassify devices
- Add devices with static IP addresses
- See your IP address structure and device distribution
- See sites for firewalls and devices
- Generate reports for devices, network behaviors, and security risks
- Integrate with multiple third-party products
- See applications that devices use
- Import policy rule recommendations to firewalls
- Get security alerts for anomalous network activity
- Assess risk and device vulnerabilities
- (Optional) Retain traffic logs
The Security Dashboard, which provides quick access to information
about device inventory, alerts, and risks, is shown below. It appears
in the Enterprise IoT Security Plus portal as well as in portals
for Industrial IoT Security and Medical IoT Security.
For IoT Security customers with tenants established before
12/15/2022, you can continue using the existing Executive Summary
and Inventory dashboards for a limited time. They will eventually
be retired and replaced.
Enterprise IoT Security identifies devices in enterprise networks
and creates a dynamic device inventory. It does not include the
security features and third-party integrations available in Enterprise
IoT Security Plus, Industrial OT Security, and Medical IoT Security.
Enterprise IoT Security lets you do the following:
- Automatically classify devices with 12 device attributes
- View, edit, confirm, and reclassify devices
- Add devices with static IP addresses
- See your IP address structure and device distribution
- See sites for firewalls and devices
- Generate device reports
The Devices page, shown below, is the default landing page after
login to the Enterprise IoT Security portal. Unlike the other vertical-themed
product portals, it does not include dashboards.
For more information, see Enterprise .
Industrial
Industrial IoT Security is the solution for industrial corporations.
It lets you see and secure every device, including specialized operational
technology (OT) devices, so you can keep your operations up at all
times and achieve NIST and ISA/IEC compliance. You can do the following
with Industrial IoT Security:
- Get everything in Enterprise IoT Security Plus
- Detect OT device anomalies
- Use Purdue levels for device modeling and visualization (see Network Visualizations)
- Create customized rules for process integrity (see Create Alert Rules)
As in the portal for Enterprise IoT Security Plus, the Industrial
IoT Security portal also includes the Security dashboard.
It's not uncommon for industrial networks to include one or more air-gapped segments.
These are areas of the network that do not allow ingress or egress connections
between devices in the air-gapped network segment and devices in any other private
network segment or with the public network. Through the use of next-generation
firewalls configured as security telemetry gateways, you
can provide IoT Security services for device in such networks.
Medical
Medical IoT Security is the solution for healthcare providers.
It lets you see and secure every device on your network, including
specialized medical devices, so you can deliver high-quality patient
care and achieve HIPAA compliance. Use Medical IoT Security to do
the following:
- Get everything in Enterprise IoT Security Plus
- Detect medical device anomalies
- Assess medical device risk leveraging FDA recalls, PHI identification, and MDS2
- Track medical device utilization
The portal for Medical IoT Security displays two pages that are relevant only to
medical IoT and only appear when the Medical IoT Security theme is
activated. One is for Food and Drug Administration (FDA) recalls and another is for
Manufacturer Disclosure Statement for Medical Device Safety (MDS2) forms. When using
the Medical IoT Security theme, the portal also includes two dashboards
with data just about medical IoT devices: the Utilization dashboard and, shown
below, BioMed dashboard.
For more information, see Medical IoT.
Switch Portal Themes
A tenant can only have one theme at a time for their
IoT Security tenant; however, it’s possible for tenant owners to
switch themes. When users first log in to a tenant and a theme has
already been defined by the IoT Security product that was ordered,
then that theme is automatically loaded by default. However, if
you purchased multiple IoT Security products with different themes
(or if you have an IoT Security product purchased prior to December
15, 2022), then IoT Security prompts owners to select a theme when
they initially log in to the portal. If an owner doesn’t make a
selection, IoT Security shows the Enterprise IoT Security Plus theme
and continues to prompt owners to select a theme upon each login
until one of them makes a selection. Once a selection has been made,
all other users in the same tenant will also see the same theme
when they access the portal.
To switch vertical themes, log in as a user with owner privileges, select AdministrationAboutLicense. The status indicates which theme is currently in use. (You can also
see the number of subscribed firewalls and the license start and expiration dates
here.) Click Switch next to the name of the theme that's
currently in use.
Select a new theme, and then click Confirm.
As an owner, you can switch themes for your tenant as many times
as you like.
Create a Trial Enterprise IoT Security Tenant
If you have a production license for Enterprise IoT Security Plus,
Industrial IoT Security, or Medical IoT Security and want to
see what Enterprise IoT Security is like, you can create a one-time trial
tenant and assign up to five of your firewalls to it. The trial is valid for 30
days. During that time, both the production and trial tenants consume log data that
firewalls assigned to the trial tenant send to the logging service. When the trial
period ends and the trial tenant is automatically deleted, the production IoT Security tenant alone continues consuming the log data from the
firewalls.
- To initiate a trial, log in to the IoT Security portal with a user account that has Owner privileges.
- Select AdministrationAboutLicense and then click Request next to Enterprise IoT Security in the Trial section.
- Choose up to five firewalls that you want to use for the trial and then Save.A message appears explaining that a trial tenant for Enterprise IoT Security is being created, the chosen firewalls will be associated with it, and that the entire process typically takes about ten minutes.When the process is complete, another message appears stating that the trial tenant has been created and the chosen firewalls have been associated with it. This message also includes the name of the trial tenant.The trial tenant creation and firewall assignments are also recorded in Logs & ReportsAudit Log.
- On AdministrationAboutLicense, the button next to Enterprise IoT Security in the Trial section changes from Request to Enter. To access the trial tenant portal, click Enter.A login prompt appears for the trial tenant in a new browser window.
- Log in with the same credentials you used to log in to the production IoT Security tenant.The Enterprise IoT Security portal opens to the Resource Center and is ready for use as a trial tenant. During the 30-day trial, both the IoT Security tenant and the Enterprise IoT Security trial tenant will consume logs from the firewalls assigned to the trial tenant. You can log in to both tenants and compare the functionality of each.
- To exit the trial tenant and return to the production tenant, navigate to AdministrationAboutLicense and then click Enter next to IoT Security in the Production section.The trial tenant browser window remains open while the production tenant opens in a new browser window.
After the trial ends, the trial tenant is automatically deleted while the production
tenant continues consuming log data from the firewalls.
If you have a trial license for IoT Security and want to try out the Enterprise
IoT Security product, log in to the IoT Security portal with a user account that
has Owner privileges, select AdministrationAboutLicense, and then click Manage Trial. Select
Enterprise and then Confirm
your decision. To go back to the IoT Security product, return to the License
page, click Manage Trial again, select
Enterprise Plus, and
Confirm.