Action Connector: Palo Alto Networks PAN-OS

Set up the action connector for Palo Alto Networks PAN-OS to enable one-click containment in Radiant Security.

Summary

This configuration will establish a trusted relationship between Radiant Security and your Palo Alto Networks PAN-OS deployment to enable automated and one-click execution of tasks. This action connector supports the following automated actions:

  • Block IP Address

At the end of this configuration, you will provide Radiant Security with the following:

  • Administrator Username
  • Administrator Password
  • PAN-OS BaseURL

Prerequisites

  • Palo Alto: Administrator

Note: The connector described in this document was tested on v9.1, v10.1 and v11.0, with v9.1 being the oldest version present in https://docs.paloaltonetworks.com/pan-os/.

Add an administrator in Palo Alto

1.   Log in to your Palo Alto firewall.
 
2.   On the top navigation bar, click Device.
 
3.   From the left navigation menu, click Admin Roles.  

4.   Add a new admin profile:

  • Name: radiantsecurityadmin

5.   Add the required permissions:

XML API

  • Commit (Enable)

REST API

  • Objects - Addresses (Enable)
  • Objects - AddressGroups (Enable)
  • Device - VirtualSystems (Read Only)
6.   Click OK to create the admin profile.  
7.   From the left navigation menu, click Administrators.
8.   Add a new user with the following settings:
  • Name: radiantsecurity
  • Administrator Type: Role Based
  • Password: <generated password>
  • Profile: radiantsecurityadmin
    • choose the role created in the previous step

Important Note: Save both the username and the password of the administrator. These will be provided to Radiant Security in a later step.

9.   In the top navigation menu, click Commit to save the configuration changes.

For the connector configuration, also save the PAN-OS base URL. It is both the API domain to be used and the PAN-OS web URL, and it must be added to the Radiant connector.

Create the action connector in Radiant Security

  1. Log in to Radiant Security.
  2. Navigate to Settings > Action Connectors and click + Add Connector.
  3. Search for and select Palo Alto Networks PAN-OS and then click Credentials.
  4. Under Credential Name, enter a credential name (for example, PAN-credentials).
  5. Under Required Credentials, add the information you obtained from the previous step: 
    1. Administrator Username
    2. Administrator Password
    3. PAN-OS BaseURL

  6. Click Add Connector to save your changes.

Note: The base URL is the FQDN or public IP address of the Palo Alto firewall or Panorama, followed by the version. For example: https://111.163.30.32/restapi/9.1/

Note: It is important that the Panorama or Palo Alto firewall is reachable by Radiant so that it can execute the actions.
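
A pre-flight check for the PAN-OS BaseURL value before it is entered in the connector, as an added example that is not part of Radiant Security's or Palo Alto's own tooling. The function name, the acceptance of an optional "v" before the version, and every sample URL other than the one quoted in the note above are assumptions of this example.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Versions the page says the connector was tested on.
TESTED_VERSIONS = {"9.1", "10.1", "11.0"}
# Path shape taken from the page's example (/restapi/9.1/).
# Accepting an optional "v" before the version is an assumption of this example.
PATH_RE = re.compile(r"^/restapi/v?(\d+\.\d+)/$")


def check_base_url(url):
    """Return a list of problems with a PAN-OS BaseURL; an empty list means it passes."""
    problems = []
    parts = urlsplit(url)
    if parts.scheme != "https":
        problems.append("scheme must be https")
    if parts.username or parts.password:
        problems.append("credentials must not be embedded in the URL")
    if parts.query or parts.fragment:
        problems.append("no query string or fragment is expected")
    host = parts.hostname or ""
    if not host:
        problems.append("missing host")
    else:
        try:
            # The page asks for a public IP: a private or loopback address
            # cannot be reached by Radiant from outside the network.
            if not ipaddress.ip_address(host).is_global:
                problems.append("IP address is not public")
        except ValueError:
            # Not an IP literal, so it has to look like an FQDN.
            if "." not in host:
                problems.append("host is not a fully qualified domain name")
    match = PATH_RE.match(parts.path)
    if not match:
        problems.append("path must be /restapi/<version>/ with a trailing slash")
    elif match.group(1) not in TESTED_VERSIONS:
        problems.append("version %s is not one the connector was tested on" % match.group(1))
    return problems


if __name__ == "__main__":
    # Constructed sample inputs; only the first URL appears on the page.
    for sample in ("https://111.163.30.32/restapi/9.1/",
                   "http://10.0.0.5/restapi/9.1",
                   "https://admin:pw@fw.example.com/restapi/8.0/"):
        print(sample, "->", check_base_url(sample) or "OK")
```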

 


Last updated: 2024-08-23