PAN-OS - Block all unknown and unauthorized applications
MITRE ATT&CK - Courses of Action Pack.#
This Playbook is part of theSupported versions
Supported Cortex XSOAR versions: 6.5.0 and later.
This playbook is used to find and remove all rules that allow unauthorized applications communication as any. The playbook performs the following tasks:
- Lists PAN-OS policy rules.
- Checks for a rule that allows applications as any.
- Deletes the rule based on user approval.
- Commits the configuration.
#
DependenciesThis playbook uses the following sub-playbooks, integrations, and scripts.
#
Sub-playbooks- PAN-OS Commit Configuration
#
IntegrationsThis playbook does not use any integrations.
#
ScriptsThis playbook does not use any scripts.
#
Commands- pan-os-list-rules
- pan-os-delete-rule
#
Playbook InputsName | Description | Default Value | Required |
---|---|---|---|
pre_post | Rules location. Can be 'pre-rulebase' or 'post-rulebase'. Mandatory for Panorama instances. | Optional | |
device-group | The device group for which to return addresses (Panorama instances). | Optional | |
tag | Tag for which to filter the rules. | Optional |
#
Playbook OutputsThere are no outputs for this playbook.