Report Templates

The following report templates are included in STRE:

Report Template

Description

Business Ownership Changes

Provides information about unauthorized platform revisions, enabling security administrators to detect changes that occur outside of officially changed processes and/or unapproved changes.

This report template enables you to:

  • Know whether a managed device has been compromised and reconfigured,
  • Ensures awareness when it's most needed (such as during period of increased susceptibility or during active breaches).
  • Automatically provide the relevant recipients with the information they need at regular intervals, enabling them to efficiently respond to the information.

Device Audit

Provides compliance testing for firewalls managed by Palo Alto Panorama devices, Cisco IOS routers, Cisco ASA firewall devices, or Check Point devices to determine how well the device configurations meet the vendor's CIS requirements (Center for Internet Security), as well as the internal standards, which you or the other system users have defined.

This report template enables you to:

  • Identify violations that require remediation
  • Ensure that devices are regularly and consistently audited
  • Distribute information only to authorized recipients, and therefore prevent overexposure of vulnerability information.

Policy Analysis

Displays all data related to handling the traffic defined in the query, including relevant devices, interfaces, and rules, as well as a diagram that presents one or more paths for the specified traffic.

This report template enables you to:

  • Identify which devices and rules are blocking traffic
  • Expedite troubleshooting, and determine what needs to be changed to allow or block traffic.
  • Ensure consistent reporting on business-critical connectivity

Rule and Object Changes

Keeps track of changes that occurred for rules (and their objects) of a given device, in a specified time period. This facilitates troubleshooting of business outages and/or unnecessary risk caused by changes.

Rule and Object Changes compares two revisions and lists which rules and objects have been added, updated, or deleted.

This report template enables you to:

  • Easily identify what changes were made to rules and network objects in a defined time-period.

  • Retain change records for audit reporting
  • Identify SecureTrack users who made changes to rules

The report output for this template includes three status icons for the rules and objects:

  • - Added
  • - Removed
  • - Modified

Rule Analytics

Displays rules and rule KPIs based on the search options and the selected device. The search options are aligned with the search options available in the SecureTrack Policy Browser. The KPIs include

In HTML report outputs, if the number of rules is greater than 100 the report will display the first 100 rules, and an additional 100 rules will be incrementally added as you scroll down the report.

In PDF report outputs, the report output is limited to 1,000 reports.

Security Best Practices

Provides the organization with the ability to ensure that security controls are based on common security best practices and to detect best practice failures.

Security Best Practices lists all the rules that violate each best practice.

This report template enables you to:

  • Identify the locations of risks across your network and which devices are most impacted
  • Prioritize rule optimization and remediation
  • Ensure awareness of the state of your network for audit purposes

Security Violations

Provides a detailed summary of all security policy violations detected within the selected domain, device and Unified Security Policy matrix(es).

Security Violations includes violations such as: violated security policies, violated rules, and the critical levels of each violation.

This report template enables you to:

  • Identify security gaps
  • Prioritize rules for remediation, removal or exception review
  • Ensure consistent awareness of violations by the relevant team

Shadowed Rules

Identifies redundant rules based on shadowing information, including contextual attribution between the shadowing and shadowed rules.

Shadowed Rules lists all the shadowed and shadowing rules for each selected device.

This report template enables you to:

  • Eliminate unnecessary rules
  • Eliminate unintentional access provided by shadowed rules
  • Focus efforts to achieve network policy health in key domains
Note: For the Shadowed Rules report, the SecureTrack shadowing functionality is not fully supported for app_ID for Palo Alto Panorama devices.

Unified Security Compliance

Lists all the security requests required to comply with SecureTrack USP.

Unified Security Compliance specifies whether the request complies with the rules defined in the devices.

This report template enables you to:

  • Prioritize rule decommission and exception management according to domain, device and USP
  • Understand which device policies are riskiest
  • Quickly identify rules that are in violation of the USP