- 22 Sep 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Palo Alto Networks IoT Security - Tag assets
- Updated on 22 Sep 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Palo Alto Networks IoT Security - Tag assets adds tags in IoT Security for each of the entities that are the result of the saved query supplied as a trigger (or devices selected in the asset table).
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
General Settings
- Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
- Use stored credentials from the Palo Alto Networks IoT Security (Zingbox) adapter - Select this option to use the first connected Palo Alto Networks IoT Security adapter credentials.NOTE
- To use this option, you must successfully configure a Palo Alto Networks IoT Security adapter connection.
- The user name and the password used for the adapter connection must have the required permissions to add tags.
Required Fields
These fields must be configured to run the Enforcement Set.
- Tags - The name of the new tag to add. Type the name of a tag and press Enter. Multiple tags can be added. To add a tag as a key:value pair, separate the key and value with a : (colon).
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
Additional Fields
These fields are optional.
Connection and Credentials
When Use stored credentials from the adapter is toggled off, some fields are required to create the connection, while other fields are optional.
- Hostname (default: https://api.kennasecurity.com) - The URL for the Kenna Security Platform admin panel. This may be a default domain or a company specific URL.
- API Token (optional) - Specify your account API key or an API token you have created.
- Verify SSL (optional) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
- HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
- HTTPS Proxy User Name (optional) - The user name to use when connecting to the server using the HTTPS Proxy.
- HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.
Required Ports
Axonius must be able to communicate with the value supplied in Hostname or IP Address via the following port:
- TCP port 80
APIs
Axonius uses the Palo Alto Networks IoT Security API.
Required Permissions
The credentials of the user account used to add tags must have permission to write tags to assets.
Version Matrix
This Enforcement Action has only been tested with the versions marked as supported, but may work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.
Version | Supported | Notes |
---|---|---|
Palo Alto Networks IoT Security (Zingbox) v1.0 | Yes |
For more details about other Enforcement Actions available, see Action Library.