Aria Operations for Networks displays dropped/denied physical flows from Palo Alto interfaces as Allow
search cancel

Aria Operations for Networks displays dropped/denied physical flows from Palo Alto interfaces as Allow

book

Article ID: 377388

calendar_today

Updated On:

Products

VMware Aria Operations for Networks

Issue/Introduction

Physical flows collected from a Palo Alto device are visible in Aria Operations for Networks as "allowed" flows. The real state of the flow ("denied") is not displayed.

Palo Alto displays as per screenshot below:

Aria Operations for Networks GUI displays, for example:

Environment

Aria Operations for Networks 6.10.0
Aria Operations for Networks 6.11.0
Aria Operations for Networks 6.12.0
Aria Operations for Networks 6.12.0
Aria Operations for Networks 6.13.0

Resolution

This is expected behavior because Palo Alto does not support stitching flows to firewall rule IDs.

Work with the device vendor to add this feature to the device for the functionality to be considered in future versions of Aria Operations for Networks.

Powered by Wolken Software