The Device Framework is a mechanism for interacting with Palo Alto Networks devices (including physical and virtualized Next-generation Firewalls and Panorama). The Device Framework is object oriented and mimics the traditional interaction with the device via the GUI or CLI/API.
IronSkillet is a set of day-one configuration templates for PAN-OS to enable alignment with security best practices. See the Quick Start section below to get started using the template configurations.
This repo contains Terraform templates to deploy infrastructure on AWS and Azure and to secure them using the Palo Alto Networks Next Generation Firewalls
Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
Scale out security for web deployments using VM-Series firewalls and Azure Application Gateway web load balancer
The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.
A collection of pre-installed tools commonly used with Palo Alto Networks products packaged as a Docker container
Script for pulling events from a MISP database and converting them to Autofocus queries.
PAN-OS Bootstrapper UI provides a simple, example web-UI that consumes the PAN-OS Bootstrapper utility API.
This repo contains a lab which demonstrates the use of the Palo Alto Networks Security adapter for Istio
A Utility to bootstrap a new PAN-OS NGFW. This utility provides an API only. An example web interface is provided here: https://github.com/PaloAltoNetworks/panos-bootstrapper-ui
Implements the automation and integration framework to work with Azure Virtual WAN's and PANW to create VPN connections.
This solution maps XFF header source IP to User-ID allowing for blocking malicious sources when the VM-Series is behind a device that performs source NAT such as a load balancer.
Repo created to support the deployment of a 4 interface Palo Alto Networks firewall (1-MGMT and 3-Dataplane) into an existing Microsoft Azure environment.
Detect and respond to attacks in AWS by sending packets to VM-Series without putting the firewall inline
This repository contains the various integrations of the Palo Alto Networks Security adapter for Istio
Skillets is the default holding place for useful Panhandler skillets. These are usually smaller one-off bits that may not require their own repository. Feel free to add to this repository with your own Skillets via a PR.
Repo created to support the deployment of a 3 interface Palo Alto Networks firewall (1-MGMT and 2-Dataplane) into an existing Microsoft Azure environment.
Very targeted script that allows update of the FW NAT rules based on the dynamic AWS' ELB VIP changes
This repo is for deploying CN-series firewall using Helm Package Manager for Kubernetes
Prisma Cloud serverless function that can accept webhook and send alerts to syslog, S3, and SQS
CNC: Chevy's, not Cadillacs. Rapid UI prototyping for all Palo Alto Networks WWSE demos and pocs.
Application Frameworks OAUTH2 Shared Component implementation as a AWS Lambda Function
This Ansible role applies security best practice templates to Palo Alto Networks devices.
A collection of Example Skillets including terraform, REST, python, and PAN-OS skillets
Deploys k8s cluster, VM-Series for N/S and E/W inspection and guides the use of the Prisma Cloud API scan of Manifest
This Azure HA Template Allows Launching an Additional VM-Series into a Resource Group.
This implementation integrates the AWS Security Hub insights and makes it actionable on the VM-Series FW.
This repo contains Terraform templates to deploy a PAN VM-Series FW into GCP.
This repo enables you to perform cloud automation demos using Terraform or Ansible
This Terraform Module creates a PAN-OS bootstrap package in an AWS S3 bucket to be used for bootstrapping Palo Alto Networks VM-Series virtual firewall instances.
This Terraform Module creates a PAN-OS bootstrap package in a Google Cloud Storage bucket.
Ansible roles and libraries for working with PAN-OS, Panorama, and Pan-Validation Skillets
This repository contains squid proxy patch to make it work with the decryption broker feature. This repo also has a brief documentation about how to make squid proxy work with decryption broker feature in order to send traffic to an ICAP server for inspection.
The K-12 Skillet is indented for K-12 educational deployment configuration of the Palo Alto Networks NGFW
Script for exporting RedLock policies and their associated RQL into a CSV output file.
This repo contains the configuration files to build and deploy the Palo Alto Networks Istio adapter into the GCP/Kubernetes market place
An Ansible role that synchronizes VMware vCenter virtual machine IP addresses and tags with PAN-OS.
Source code for using Autofocus (and other applications) to discern hash coverage of known and unknown artifacts.
Script to read learned Cisco APIC EPG Endpoints and update PANW dynamic address groups.
Templates and such for VM-Series' PAN-OS 8.1 (aka Budapest) beta in public clouds (AWS, Azure, Google Cloud)
A proof of concept to demonstrate synchronization of server assets and their attributes from ServiceNow into registered IP tags and dynamic address groups on a Palo Alto Networks next-generation firewall.