Blumira’s modern cloud SIEM platform integrates with Palo Alto Next-Gen Firewalls to detect cybersecurity threats and provide an automated or actionable response to remediate when a threat is detected.
When configured, the Blumira integration with Palo Alto Next-Gen Firewalls will stream security event logs to the Blumira service for automated threat detection and actionable response.
When Blumira’s dynamic blocklist capabilities are configured with the Palo Alto Firewalls, Blumira can provide automated blocking of known threats, automatically add new block rules when threats are detected and provide blocking based on Blumira’s community of customers that have detected new threats. All through automation without requiring any human interaction.
Get visibility, detect and respond to threats faster:
See how easy it is to set up Blumira with Palo Alto Networks Next-Generation Firewall:
Learn more about enabling Blumira’s Dynamic Block Lists to block malicious source IP addresses and domains for automated threat response.
Forward traffic logs from Palo Alto Networks firewall to a SIEM for longterm storage, compliance, audit, reporting or legal reasons.
You must configure log forwarding for Palo Alto in order to collect the logs. You can read directions on how to do configure log forwarding on Palo Alto’s website: https://live.paloaltonetworks.com/t5/Featured-Articles/Tips-amp-Tricks-Forward-traffic-logs-to-a-syslog-server/ta-p/71966.
While completing this step, take the time to review your current security policies and ensure that they’re up to date. Blumira generally prefers settings that will result in the most verbosity in regard to log content and volume and should be applied to every policy in the device.