Dashboard: CDSS Adoption
Focus
Focus
Strata Cloud Manager

Dashboard: CDSS Adoption

Table of Contents

Dashboard: CDSS Adoption

Learn how to view the recommended CDSS subscriptions and their usage in your devices.
Where Can I Use This?What Do I Need?
→ The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are using.
  • Click DashboardsPostureCDSS Adoption to get started.

What does this dashboard show you?

  • The dashboard shows the aggregated data for all firewalls onboarded to your tenant and are also sending telemetry data.
  • Currently, this dashboard only supports four security subscriptions: Advanced Threat Prevention, Advanced URL Filtering, DNS Security and Wildfire.
The CDSS Adoption dashboard shows the recommended Cloud-Delivered Security Services (CDSS) subscriptions and their usage in your devices. This helps you to identify security gaps and harden the security posture of your enterprise. After you navigate to this page, you will see a pop-up asking you to confirm or update your zone roles in NGFWs to get accurate security services recommendations. You can follow the link in this pop-up window to map zones to roles.
Here’s a video that shows how to monitor security subscriptions using the CDSS Adoption dashboard:

How can you use the data from the dashboard?

This dashboard helps you with the following:
  • At the top of the Overview page, you can view the number of total known NGFWs and number of NGFWs sending telemetry in your AIOps for NGFW instance. The adoption of CDSS involves progressing through activation, configuration, and adherence to best practices. To track progress for each subscription, simply click on the numbers in the chart to view a list of devices that require updates along this journey. To use a security subscription license in a device, you need to activate it and then set up the service or feature accordingly.
    To focus on the security services data for a specific NGFW, filter the chart based on it. You can also view the best practice violations for a device in this drop-down list.
  • You can click one of the values under ACTIVATE, CONFIGURE, or BEST PRACTICES to view details in a tabular format.
    In this example, AIOps for NGFW recommends the activation of Advanced URL Filtering (ADV-URL) along with Advanced Threat Protection (ATP), Domain Name System (DNS), and WildFire (WF) security services for NGFWs. You can click Back to Graph View to navigate to the Overview page.
  • You can also view the same security posture data in a pie chart format. Click the pie-chart icon to view the information about recommended security services in a pie-chart format.
  • You can click the sections of the pie-chart to view the information about the individual security service.
    In this example, to view the NGFW where DNS Security is not configured, you can either click the value above the DNS Security section of a pie chart or click the DNS Security section of a pie chart.

Override Recommended Security Service

When you do not need a recommended security service for any reason, you can override it. Click a value under CONFIGURE to view details in a tabular format, you can override the recommended security service.
In this example, AIOps for NGFW recommends the configuration of Advanced URL Filtering (ADV-URL) along with other security services for a device. You can cancel the ADV-URL security service for the NGFW device and all the zones under it.
You can also override the recommended security service at a zone level. View Details for an NGFW to view the source and destination roles, policies, and their recommended security services.
In this example, you can override the ADV-URL security service for the source role as Third Party Vendor and the destination role as Unknown. You can also restore the overridden recommendation by clicking on the security service under the Overrides column.
You can View Policies associated with roles. Select a rule to view its details without needing to leave the app.
Click Back to Table View to view the security services in a tabular format.