A major problem facing today’s security teams is the ability to quickly respond to threats in an efficient manner. By combining Rapid7 InsightVM* or Nexpose and Palo Alto Networks Next Generation Firewall (NGFW), you can tackle that problem by seamlessly managing your assets based on the dynamic asset groups established in your Rapid7 vulnerability scanner; this allows your team to apply security policies to your dynamic asset groups, combining those policies with the vulnerabilities and risks flagged during scans.
The interoperability between these best-of-breed products creates a solution that helps identify and mitigate zero-day threats quickly. By being able to effortlessly tag and restrict access to these assets, security teams can rapidly remove threat vectors within their environments.
Incorporating the dynamic asset groups from InsightVM with Palo Alto Networks NGFW gives you the ability to quickly pivot between the two products with the same asset mapping in both GUIs. This mirrored view allows you to trust the data you are viewing and more quickly respond to vulnerabilities and zero-day threats to the network.
First, run a scan in InsightVM and establish dynamic asset groups for all assets. Once the Ruby Gem (available free to download) is installed and run, it will then pull the asset and group data. The Gem then creates the corresponding tag in the Palo Alto Networks NGFW and assigns the assets accordingly. Security policy within the firewall can then be assigned to the asset groups. By applying a simple cron job to the Gem, you can make this an automated solution, giving you greater visibility into the assets on your network.
Overview of the Integration Process
Figure 1: PAN-tagged asset groups via InsightVM (or Nexpose)
*All mentions of Rapid7 InsightVM associated with its integration with Palo Alto Networks Next Generation Firewall (NGFW) also apply to Rapid7 Nexpose.
Download this Integration Overview.Download PDF
Take this integration for a spin and experience the full functionality of InsightVM for 30 days.Explore InsightVM
Please contact Rapid7 for support or assistance at +1.866.380.8113, or view all of our support options.Get Support