...
Prisma Access helps you deliver consistent security to your remote networks and mobile users. All your users—at headquarters, office branches, and on the road—connect to Prisma Access to safely use the internet and cloud and data center applications.
Device Information
Entity | Particulars |
---|---|
Vendor Name | Palo Alto |
Product Name | Prisma Access |
Type of Device | Cloud |
Collection Method
Log Type | Ingestion label | Preferred Logging Protocol - Format | Log collection method |
---|---|---|---|
Palo Alto Networks Firewall | PAN_FIREWALL | Syslog(CSV) | CyberHub |
Port Requirements
Source | Destination | Port |
---|---|---|
Palo Alto |
Prisma Access | CyberHub | 601 (TCP) |
To facilitate secure communication and align with our best practice, we strongly encourage the use of Transport Layer Security (TLS) between your security devices and our Adaptive MxDR platform for event forwarding.
While we understand that TLS support may not be available on all devices, if your devices do support TLS communication, we recommend utilizing port 6514 for seamless integration.
In some cases, the upgraded version of the device might incorporate TLS support without prior notice. If you come across such a scenario or for further assistance in configuring TLS, we kindly ask you to reach out to your dedicated Adaptive MxDR Service Delivery Lead.
Device Configuration
Pre-requisite:
...
Allow below IP ranges to forward logs to syslog receiver based on your region.
Region | IP Ranges |
---|---|
US | 65.154.226.0/24 |
EU | 154.59.126.0/24 |
UK | 35.246.51.240/28 |
SG(Singapore) | 34.87.142.80/28 |
Login to the hub at https://apps.paloaltonetworks.com/
Select the Log Forwarding app instance that you want to configure for Syslog forwarding
Select Syslog > Add to add a new Syslog Forwarding profile.
...
Parameters required from customer for Integration.
Property | Default Value | Description |
---|---|---|
IP Address | Palo Alto |
Prisma Access interface IP address | Hostname or IP address of the device which forwards logs to the CyberHub. |