>
    Monitor Security Subscriptions
    Focus
    Download PDF
    Focus
    1. Home
    2. Strata Cloud Manager
    3. Optimize Security Posture
    4. Monitor Security Subscriptions
    Download PDF
    Strata Cloud Manager

    Monitor Security Subscriptions

    Table of Contents

    Monitor Security Subscriptions

    AIOps for NGFW provides a comprehensive view into your available security subscriptions and their license usage in your devices
    Where Can I Use This?What Do I Need?
    In DashboardPostureCDSS Adoption, you can view the recommended Cloud-Delivered Security Services (CDSS) subscriptions and their usage in your devices. This helps you to identify security gaps and harden the security posture of your enterprise. After you navigate to this page, you will see a pop-up asking you to confirm or update your zone roles in NGFWs to get accurate security services recommendations. You can follow the link in this pop-up window to map zones to roles.
    Currently, this dashboard only supports four security subscriptions: Advanced Threat Prevention, Advanced URL Filtering, DNS Security and Wildfire.
    1. At the top of the CDSS Adoption page, you can view the number of total known NGFWs and number of NGFWs sending telemetry in your instance.
    2. The adoption of CDSS involves progressing through activation, configuration, and adherence to best practices. To track progress for each subscription, simply click on the numbers in the graph to view a list of devices that require updates along this journey. In this case, let us check the NGFWs where DNS security is not configured.
    3. Check NGFWs on which DNS Security configuration is recommended but not configured. View details to check source role and destination role.
    4. View Policies to view the details of the rules and corresponding source and destination zones.
      Further, you can click a rule name to view its details.
    5. Navigate back to the funnel graph. You can view the same information in the pie chart format as well.
    6. When you do not need a recommended security service for any reason, you can override it. In this case, we don't need the DNS security service. Click the cancel icon next to DNS.
    7. Select one of the reasons for overriding the recommendation.
    8. Click Override.
      This concludes how to view the recommended CDSS subscriptions and their usage in your devices.
    For more information, see Dashboard: CDSS Adoption.

    © 2024 Palo Alto Networks, Inc. All rights reserved.