Tech Docs: Magnifier is Naming Names!

Steve Sarette


tech docs

Rolling right along, Magnifier has been updated to show you more. More alerts, more context, more information to help you understand what’s happening on your network. It does this by leveraging the rich information found in Enhanced Application Logs and in your Active Directory.

 

tech docs 1

 

Enhanced Application Logs (EAL) are a new log type that’s available from next-generation firewalls running PAN-OS 8.1 (8.1.1 preferred). They contain network traffic information which enables Magnifier to recognize potential problems that it couldn’t previously see. So now you could receive new alerts (we hope that you don’t ever actually see them!) that weren’t previously possible. Existing alerts are also improved by reducing the potential for false-positives and negatives.

To help you recognize the machines and people referenced by Magnifier’s alerts, this release also enables Directory Sync Service integration. Directory Sync is a core Application Framework service that offers apps the ability to access your organization’s Active Directory data. The result is that Magnifier’s user interface can now (literally) name names. Instead of IP addresses, you’ll now see host names. Instead of user IDs, you’ll now see people’s names.

 

tech docs 2

 

Of course, all of this means Magnifier’s user interface has been updated and refreshed to focus your attention on what’s important. Back from vacation to discover a backlog of alerts? (Say it isn’t so!) Magnifier’s new alert filter allows you to quickly sort through and prioritize all that information. Seeing a lot of malware alerts? Now you can access the WildFire analysis report directly from Magnifier’s user interface. Wondering what application caused a network event? Network-to-Process Association (N2PA) now lets you see what process on what machine did it.

It all means you get more information, focused, so that you can address critical issues even faster.

To discover what Magnifier can do for you, find the following resources on the Technical Documentation portal:

Happy reading!
Your friendly Technical Documentation team

Have questions? Contact us at documentation@paloaltonetworks.com.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.


© 2018 Palo Alto Networks, Inc. All rights reserved.