Tech Docs: Five New Features in the Traps Management Service


tech docs

That’s right! The August release of the Traps management services introduces five new features designed to simplify endpoint management and security event investigation:

1. Clickable Dashboard—From the Dashboard you can now jump to a filtered list of endpoints that share any of the following characteristics:

  • Platform operating system
  • License status (to view a list of all licensed endpoints)
  • Content update status (latest or outdated)

trapsMGMT_1

For security events, you can also jump to filtered lists of unresolved events by severity. The Dashboard quick links enable you to quickly identify endpoints for which administrative action may be required.

2. Enhanced Endpoint Filters—To refine the number of endpoints on the Endpoints page, you can now apply new endpoint search filters:

  • Agent Version—Filters all endpoints for specific agent versions. Using this filter you can quickly identify all endpoints running older Traps versions and upgrade them to the latest Traps version thus ensuring the endpoint takes advantage of the latest security policy and Traps features.
  • Content Version—Filters all endpoints for specific content update versions. This filter provides visibility into which endpoints are using older content versions.

trapsMGMT_2

 

3. Security Event Search by Event ID—If you already know the unique event ID for a security event, you can now use that ID to quickly locate a security event. To filter security events for an Event ID you must enter the complete ID value.

trapsMGMT_1

 

4. Hash Exceptions Search      —To quickly locate a hash exception, you can now search hash exceptions using the complete SHA256 value.

5. Process Exceptions Assignment Enhancement—To quickly configure process exceptions for select endpoints, you can now assign process exceptions to endpoint groups, AD groups, and AD organizational units (OU). Process exceptions will apply only to the platform type specified in the exception. In addition, in the case of AD objects that specify users and endpoints, a process exception will apply only on endpoints.

For more details on the new features, please refer to the following resources:

Happy reading!
Your friendly Technical Documentation team

Have questions? Contact us at documentation@paloaltonetworks.com.

[Palo Alto Networks Research Center]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.