Details

Set Antivirus Update Schedule to download and install updates hourly.

Rationale:

New antivirus definitions may be released at any time. With an hourly update schedule, the firewall can ensure threats with new definitions are quickly mitigated. A daily update schedule could leave an organization vulnerable to a known virus for nearly 24 hours, in a worst-case scenario. Setting an appropriate threshold value reduces the risk of a bad definition file negatively affecting traffic.

Solution

Navigate to Device > Dynamic Updates > Antivirus Update Schedule.
Set Action to Download and Install.
Set Recurrence to Hourly.

Default Value:

Not Configured

References:

‘Tips for Managing Content Updates’ – https://live.paloaltonetworks.com/docs/DOC-1578

‘PAN-OS Administrator’s Guide 9.0 (English) -Dynamic Content Updates’ – https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/software-and-content-updates/dynamic-content-updates.html

‘PAN-OS Administrator’s Guide 9.0 (English) – Install Content Updates’ – https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/software-and-content-updates/install-content-and-software-updates.html

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/2692

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Palo_Alto.

References

• 800-53|SI-2c.
• CSCv6|4.5
• CSCv6|8.5
• CSCv6|12
• CSCv7|3.4
• CSCv7|3.5
• CSCv7|12

Source

• Tenable.com/audits