Brian has a cron job that automatically copies the threats into a file each day. Brian then manually takes those threats and adds them to CIF.
Wishlist:
He would like us to automate the process:
About every 15 minutes, use the Palo Alto API to pull threats from Palo Alto and push them out to CIF.
Also go the other way: pull threats from CIF and push them straight into Palo Alto to create additional rules in the firewall/block new IPs.
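A sketch of the planning step for one 15-minute cycle, added here as an example (it is not Brian's cron job or code from CIF or Palo Alto). It assumes the threats are IP addresses, that indicators pushed by the sync should not be echoed back to the side they came from, and that the pull and push calls to the two APIs happen outside this function; `NEVER_BLOCK`, `clean` and `plan_sync` are hypothetical names.

```python
import ipaddress

# Hypothetical range that must never become a block rule (assumption).
NEVER_BLOCK = [ipaddress.ip_network("20.10.0.0/16")]

def clean(raw):
    """Return a normalized IP string, or None if the entry must not be synced."""
    try:
        ip = ipaddress.ip_address(raw.strip())
    except ValueError:
        return None  # malformed feed entry
    if (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified):
        return None  # internal or special-purpose address
    if any(ip in net for net in NEVER_BLOCK):
        return None  # protected range
    return str(ip)

def plan_sync(pa_threats, cif_indicators, state):
    """Decide what to push in each direction for one cycle.

    `state` holds two sets, "sent_to_cif" and "sent_to_pa", persisted
    between cycles. Anything already pushed either way is skipped, so an
    indicator does not bounce between the two systems.
    """
    pa = {c for c in map(clean, pa_threats) if c}
    cif = {c for c in map(clean, cif_indicators) if c}
    seen = state["sent_to_cif"] | state["sent_to_pa"]
    to_cif = pa - seen - cif   # new at Palo Alto, not yet in CIF
    to_pa = cif - seen - pa    # new in CIF, not yet seen at Palo Alto
    state["sent_to_cif"] |= to_cif
    state["sent_to_pa"] |= to_pa
    return sorted(to_cif), sorted(to_pa)

if __name__ == "__main__":
    # Constructed sample values, not real threat data.
    state = {"sent_to_cif": set(), "sent_to_pa": set()}
    print(plan_sync(["45.33.1.10", "10.0.0.5", "not-an-ip"],
                    ["61.2.3.4", "20.10.4.4"], state))
    # Next cycle: each side now also reports what the sync pushed to it.
    print(plan_sync(["45.33.1.10", "61.2.3.4"],
                    ["61.2.3.4", "45.33.1.10"], state))
```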
Observation:
A wishlist item from Brian was to dockerize CIF, but this has already been done for version 4 (the links in the PowerPoint regarding CIF were actually for version 3).