PA Best Practice Assessment (BPA) Tool evaluates a Paloalto Firewall configuration by measuring the adoption of capabilities, validating whether the policies adhere to best practices, and providing recommendations and instructions for how to remediate failed best practice checks. This article shows how to run BPA on PA Firewall.
Step 1: Access the BPA from the Customer Support Portal
1. Login Paloalto Customer Support Portal, https://support.paloaltonetworks.com/
2. Click on Members.
3. Select Manage Users.
4. Under Manage Users, click the 3 dots of the user whom you want to assign BPA permissions.
5. Click on Edit User.
6. In Edit User, check BPA User and then Update to save the settings.
7. Now, the user ROLES shows BPA User.
Step 2: Generate Tech Support File
1.Login PA Firewall portal.
2.Go to Devices>Support.
3. Click Generate Tech Support File under Tech Support
Step 3: Generate BPA
1.In the Customer Support Portal, Click Tools and then Best Practice Assessment.
2. Click on Generate New BPA.
3. Drop the generated file or browse to upload.
4. BPA is processing.
5. Click on Generate & download the BPA
6. Completed them BPA generation.
7. Unzip the report and you should see 3 files.
Please view this step by step video: