Connecting Security Zones: Enhancing Network Segmentation

Network segmentation is a fundamental security practice that reduces the attack surface and improves traffic control. Security zones help define boundaries within a network, ensuring that sensitive data remains protected while allowing necessary communication.


Firewall Authentication and Authorisation

Administrator Accounts And Roles

Authenticate locally or remotely

Admin account assigned a role with privileges  

Administrator actions are logged in the config and system logs (Monitor > Logs)

Only the predefined admin account has access to the firewall. Add administrator accounts for delegation and auditing purposes.

PAN-OS for local or ...supported authentication, authorisation and accounting services like Active Directory, LDAP, RADIUS, SAML.

XML config or database


Configuration Management

The purpose of the running and candidate firewall configurations

Running Configuration
• Configuration settings currently active on the firewall (maintained in a file on the firewall named running-config.xml)

Candidate Configuration
• Configuration changes in progress but not active on the firewall (all in-progress edits are made to the candidate configuration)
