Skip to content

Commit 13566f0

Browse files
Shereen-BharShereen-Bhar
committed
rewording for consistency
1 parent 250a96b commit 13566f0

File tree

1 file changed

+6
-2
lines changed

1 file changed

+6
-2
lines changed

articles/defender-for-iot/organizations/tutorial-palo-alto.md

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,9 @@ If you don't have an Azure subscription, create a [free account](https://azure.m
3434

3535
## Configure immediate blocking by a specified Palo Alto firewall
3636

37-
In cases, such as malware-related alerts, you can enable automatic blocking. If the alert in question hasn't been raised prior to the integration, Defender for IoT forwarding rules is utilized to send a blocking command directly to a specific Palo Alto firewall.
37+
In cases, such as malware-related alerts, you can enable automatic blocking. Defender for IoT forwarding rules are utilized to send a blocking command directly to a specific Palo Alto firewall.
38+
39+
Forwarding alert rules run only on alerts triggered after the forwarding rule is created. Alerts already in the system from before the forwarding rule was created are not affected by the rule.
3840

3941
When Defender for IoT identifies a critical threat, it sends an alert that includes an option of blocking the infected source. Selecting **Block Source** in the alert’s details activates the forwarding rule, which sends the blocking command to the specified Palo Alto firewall.
4042

@@ -124,7 +126,9 @@ The first step in creating Panorama blocking policies in Defender for IoT is to
124126

125127
## Block suspicious traffic with the Palo Alto firewall
126128

127-
Suspicious traffic will need to be blocked with the Palo Alto firewall. You can block suspicious traffic through the use forwarding rules in Defender for IoT. However, this use of forwarding rules is only valid for alerts that haven't been raised prior to the integration.
129+
Suspicious traffic will need to be blocked with the Palo Alto firewall. You can block suspicious traffic through the use forwarding rules in Defender for IoT.
130+
131+
Forwarding alert rules run only on alerts triggered after the forwarding rule is created. Alerts already in the system from before the forwarding rule was created are not affected by the rule.
128132

129133
**To block suspicious traffic with the Palo Alto firewall using a Defender for IoT forwarding rule**:
130134

0 commit comments

Comments
 (0)