How does AIOps secure the telemetry data collected from the FW/Panorama?
4167
Created On 01/19/23 21:40 PM - Last Modified 11/14/24 21:10 PM
Question
How does AIOps secure the telemetry data collected from the FW or Panorama and sent to the cloud?
Environment
- AIOps
- Telemetry Data
Answer
- Data sent to AIOps for NGFW are encrypted in transit to a data center of the customer’s choice. Logs hosted in GCP are encrypted at rest.
- Data Access Controls: Only authorized personnel with a valid support ticket have access to logs with read-only permission to provide support, unless additional information is required to troubleshoot an issue, for which customer approvals are requested. All such access is logged and audit logs are maintained.
- Data Encryption: All logs are encrypted using AES-256 encryption and stored in Google Cloud Platform in the customer's selected region (or the default region, where selection of region is not an option).
- Data Transfer: All data is encrypted in flight using inline encryption (TLS 1.3)
- Telemetry data is transferred to Palo Alto Networks via a TLS-encrypted connection. Telemetry data hosted in GCP is encrypted at rest. Palo Alto Networks has also achieved SOC 2 Type II certification for Cortex Data Lake to demonstrate its strong security policies and internal controls environment.
Additional Information
- For additional information check the privacy AIOps for NGFW sheet.
- Also check the telemetry privacy sheet.