Blocklist applied to GlobalProtect Prisma Access Authentication
I'm new to Prisma Access and can't seem to figure out how to block IPs, EDLs, etc from even attempting to authenticate to Prisma Access. If it were on a firewall, the security policy that allows or blocks traffic to the portal/gateway could block it, but it seems that none of the security policy should apply until after authentication. There must be a way of preventing the brute force attempts.
What am I missing?
Thank you!
42 Views
Thanks, Reaper!
I am also not clever enough to find a scope that allows me to add a log forwarding profile to the default rules. Is there a trick to modifying the default rules in Prisma?