Ensure ‘Permitted IP Addresses’ is set to those necessary for device management

Details

Permit only the necessary IP addresses to be used to manage the device.

Rationale:

Management access to the device should be restricted to the IP addresses or subnets used by firewall administrators. Permitting management access from other IP addresses increases the risk of unauthorized access through password guessing, stolen credentials, or other means.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Navigate to Device > Setup > Interfaces > Management.
Set Permitted IP Addresses to only those necessary for device management.

Default Value:

Not enabled (all addresses that can reach the interface are permitted)
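
The setting can also be checked offline against an exported configuration. The script below is an added example, not part of the benchmark or of Nessus. It assumes the configuration is exported as XML with permitted addresses stored as `entry` elements under `deviceconfig/system/permitted-ip`; the sample configuration, the approved network list and the function name are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample of an exported configuration (not from a real device).
SAMPLE_CONFIG = """<config><devices><entry name="localhost.localdomain">
  <deviceconfig><system>
    <permitted-ip>
      <entry name="10.20.30.0/28"/>
      <entry name="192.0.2.15"/>
      <entry name="0.0.0.0/0"/>
    </permitted-ip>
  </system></deviceconfig>
</entry></devices></config>"""

# Assumption: the networks firewall administrators actually manage the device from.
APPROVED_MGMT_NETS = ["10.20.30.0/24"]

def audit_permitted_ips(config_xml, approved_nets):
    """Return a list of (entry, finding) tuples; an empty list means compliant."""
    approved = [ipaddress.ip_network(n) for n in approved_nets]
    root = ET.fromstring(config_xml)
    entries = [e.get("name", "") for e in
               root.findall(".//deviceconfig/system/permitted-ip/entry")]
    if not entries:
        # Default state: every address that can reach the interface is permitted.
        return [("<none>", "permitted-ip list is empty (default, unrestricted)")]
    findings = []
    for name in entries:
        try:
            net = ipaddress.ip_network(name, strict=False)
        except ValueError:
            findings.append((name, "not parseable as an IP address or subnet"))
            continue
        if net.prefixlen == 0:
            findings.append((name, "matches every address"))
        elif not any(net.version == a.version and net.subnet_of(a)
                     for a in approved):
            findings.append((name, "outside the approved management networks"))
    return findings

if __name__ == "__main__":
    for entry, finding in audit_permitted_ips(SAMPLE_CONFIG, APPROVED_MGMT_NETS):
        print(f"FAIL {entry}: {finding}")
```
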

Supportive Information

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection. This control applies to the following type of system: Palo_Alto.

Updated on July 16, 2022