search
Go to websiteTrust Center

Palo Alto Networks PAN-OS

Configure the action connector for Palo Alto Networks PAN-OS.

In this guide, you'll set up a trusted relationship between Radiant and Palo Alto Networks PAN-OS to enable automated and one-click response actions.

chevron-rightbolt-lightning Available actionshashtag

The following action is available after you set up the Palo Alto Networks PAN-OS action connector. Keep in mind, additional permissions are required.

  • Block IP Address

At the end of this configuration, you will provide Radiant Security with the following:

  • Administrator Username

  • Administrator Password

  • PAN-OS BaseURL

hashtag
Prerequisites

circle-info

Note: The connector described in this document were tested on v9.1, v10.1 and v11.0, with v9.1 being the oldest present in https://docs.paloaltonetworks.com/pan-os/arrow-up-right.

hashtag
Add an administrator in Palo Alto

  1. Login to your Palo Alto firewall.

  2. On the top navigation bar, click Device.

  3. From the left navigation menu, click Admin Roles.

  4. Add a new admin profile:

    • Name: radiantsecurityadmin

  5. Add the required permissions

    XML API

    • Commit (Enable)

    REST API

    • Objects - Addresses (Enable)

    • Objects - AddressGroups (Enable)

    • Device - VirtualSystems (Read Only)

  6. Click OK to create the admin profile.

  7. From the left navigation menu, click Administrators.

  8. Add a new user with the following features:

  • Name: radiantsecurity

  • Administrator Type: Role Based

  • Password: <generated password>

  • Profile: radiantsecurityadmin

    • Choose the role created in the previous step

circle-exclamation

Important note: Save both username and password of the administrator profile. This will be provided to Radiant Security in a later step.

9. In the top navigation menu, click Commit to save the configuration changes.

circle-exclamation

Important note: On the connector configuration we must also save PAN-OS base URL. This is both the API domain to be used and PanOS web URL that we need to add to the Radiant connector.

hashtag
Create the action connector in Radiant Security

  1. Login to Radiant Securityarrow-up-right.

  2. Navigate to Settings > Action Connectors and click + Add Connector.

  3. Search for and select Palo Alto Networks PAN-OS and then click Credentials.

  4. Under Credential Name, enter a credential name (PAN-credentials for example)

  5. Under Required Credentials, add the information you obtained from the previous step:

    • Administrator Username

    • Administrator Password

    • PAN-OS BaseURL

  6. Click Add Connector to save your changes.

circle-info

Note: The base URL is the FQDN or Public IP Address of the Palo Alto Firewall or Panorama followed by the version. For example: https://111.163.30.32/restapi/9.1/

circle-exclamation

Important note: Palo Alto Firewall must be reachable for Radiant to execute the actions.

PreviousNetskopeNextProofpoint

Last updated