UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Palo Alto Networks security platform must update malicious code protection mechanisms and signature definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.


Overview

Finding ID Version Rule ID IA Controls Severity
V-62577 PANW-AG-000060 SV-77067r1_rule Medium
Description
Malicious code protection mechanisms include, but are not limited to, anti-virus and malware detection software. In order to minimize any potential negative impact to the organization caused by malicious code, malicious code must be identified and eradicated. Malicious code includes viruses, worms, Trojan horses, and Spyware. This requirement is limited to ALGs, web content filters, and packet inspection firewalls that perform malicious code detection as part of their functionality.
STIG Date
Palo Alto Networks ALG Security Technical Implementation Guide 2015-11-17

Details

Check Text ( C-63381r1_chk )
To check if the device is using the most current protection mechanisms and signature definitions:
Go to Device >> Dynamic Updates
View the list of updates, and note the date of the most recent one.
Select "Check Now" at the bottom of the page; if new updates appear, this is a finding.
Fix Text (F-68497r1_fix)
To schedule automatic updates:
Go to Device >> Dynamic Updates
Select the text to the right of Schedule.
In the "Applications and Threat Updates Schedule" Window; complete the required information.
In the "Recurrence" field, select the desired frequency. If the update frequency is Weekly, select which day of the week.
In the "Time" field, enter the time at which you want the device to check for updates.
For the Action, select "Download and Install".
Select "OK".
Commit changes by selecting "Commit" in the upper-right corner of the screen.
Select "OK" when the confirmation dialog appears.

If manual updates are used, an Administrator must obtain updates from the Palo Alto Networks web site and upload them from a workstation or server to the Palo Alto Networks security platform.
Go to Device >> Dynamic Updates
Select "Upload" (at the bottom of the pane).
In the Select "Package Type" for the "Upload" window in the "Package Type" field, select "anti-virus".
Browse to and select the appropriate file.
Select "OK".
Select "Install From File" (at the bottom of the pane).
In the "Select Package Type for Installation" window, select "antivirus".
Select "OK".
In the "Install Application and Threats From File" window, select the previously uploaded file.
Select "OK".

To retrieve the latest signatures:
Go to Device >> Dynamic Updates
Select "Check Now" at the bottom of the page.