Service Not Equal to Any - Interpreting BPA Checks - Policies
In this video, provides information about why you want to specify the application and services port is set to prevent malware from accessing the network through open ports.
The "service not equal to any" column checks to see if a specific service/port is configured for a security policy rule. The best practice assessment check ensures the service field is set to a specific port or to an application-default.
For more information on application-default under service, please review the following articles:
Tips & Tricks: What Does Application-Default Under Service Mean?
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVwCAK
What is a Service?
https://live.paloaltonetworks.com/t5/Blogs/What-is-a-service/ba-p/155012
Security Rule Behavior with Applications Allowed with Service "Any"
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVmCAK
Comments
Post a Comment