Level 3 - Palo Alto Next Generation Firewall Enforcement

In-depth traffic analysis to identify gaps in existing policies and provide evidence-based recommendations for upgrading the AWS security. This is a custom, service-based implementation for traffic analysis, not a best practices review. Enabling the user to perform real-time traffic analysis and create advanced security policies (phishing prevention, brute force attack signatures, etc.).

The service provides a detailed analysis of 10% of the security policies and their associated profiles, evaluating the impact on the traffic generated by Content-ID. It includes customization of threat reports and security operations, as well as detection of configuration failures and possible breaches. A network-wide reporting environment is enabled, identifying relevant logs to SNMP and SNMP trap.

Three specific policies are also analyzed to generate advanced reports and recommendations, reviewing real-time traffic and rule actions without making changes. In addition, knowledge transfer is provided to up to 12 team members for up to eight hours, with a focus on security gap analysis and attack surface reduction.

• Security policy analysis includes log forwarding, URL filtering, anti-virus checking, file blocking, anti-spyware, DNS protection, vulnerability protection, wildfire scanning, custom EDLs and custom reporting.
• Analysis and customization of threat reports.
• Customization of security operation reports, firewall maintenance, compromise detection and configuration failure detection.
• Identify the generation of logs to SNMP and SNMP trap that are required.
• Analysis of three (3) policies and their associated profiles to create advanced threat reports and recommendation reports.
• Real-time traffic review in security policies.
• Training of up to twelve (12) members of the team for a maximum of eight (8) hours.