Add Proxy handling and Fix Incorrect M-model handling

PaloAltoNetworks · Sep 13, 2023 · 0641a21 · 0641a21
1 parent f8f1b0f
commit 0641a21
Show file tree

Hide file tree

Showing 5 changed files with 85 additions and 9 deletions.
diff --git a/...PAN_OS_Upgrade_Services/Integrations/PAN_OS_Device_Management/PAN_OS_Device_Management.py b/...PAN_OS_Upgrade_Services/Integrations/PAN_OS_Device_Management/PAN_OS_Device_Management.py
@@ -92,12 +92,10 @@ def system_to_indicator(data: dict) -> dict:
     indicator_type = "Network Device"
     family = data.get("family", "unknown").lower()
     model = data.get("model", "unknown").lower()
-    if family == "pc" or model == "panorama":
+    system_mode = data.get("system_mode", "unknown").lower()
+    if family == "pc" or model == "panorama" or system_mode == "panorama":
         indicator_type = "Panorama Device"
 
-    if family == "m" or model in ["m-500", "m-600"]:
-        return "ok"
-
     field_data = {}
     # Sub out the underscores and map if required
     for field, value in data.items():
@@ -503,6 +501,7 @@ def main():
     port = params.get("port", "443")
     hostname = parsed_url.hostname
 
+    handle_proxy()
     panorama = Panorama.create_from_device(
         hostname=hostname,
         api_key=api_key,

diff --git a/...S_Upgrade_Services/Integrations/PAN_OS_Device_Management/PAN_OS_Device_Management_test.py b/...S_Upgrade_Services/Integrations/PAN_OS_Device_Management/PAN_OS_Device_Management_test.py
@@ -124,3 +124,14 @@ def test_flatten_xml_to_dict(xml_file, expected_data_file):
     result_dict = {}
     result_dict = flatten_xml_to_dict(xml_element, result_dict)
     assert result_dict == expected_dict
+
+
+@pytest.mark.parametrize("data_file,expected_type", [
+    ("test_data/show_system_info_expected.json", "Network Device"),
+    ("test_data/show_system_info_expected_panorama.json", "Panorama Device"),
+])
+def test_system_to_indicator(data_file, expected_type):
+    from PAN_OS_Device_Management import system_to_indicator
+    expected_dict = load_json_from_test_file(data_file).get("result").get("system")
+    result = system_to_indicator(expected_dict)
+    assert result.get("type") == expected_type
diff --git a/...s/Integrations/PAN_OS_Device_Management/test_data/show_system_info_expected_panorama.json b/...s/Integrations/PAN_OS_Device_Management/test_data/show_system_info_expected_panorama.json
@@ -0,0 +1,66 @@
+{
+    "result": {
+        "system": {
+            "hostname": "panorama_example",
+            "ip_address": "192.168.1.141",
+            "public_ip_address": "unknown",
+            "netmask": "255.255.255.0",
+            "default_gateway": "192.168.1.1",
+            "is_dhcp": "no",
+            "ipv6_address": "unknown",
+            "ipv6_link_local_address": "fe80::20c:29ff:fe76:43bc/64",
+            "mac_address": "00:0c:29:76:43:bc",
+            "time": "Thu Aug 4 05:55:10 2022",
+            "uptime": "31 days, 3:25:27",
+            "devicename": "vm-lab-fw02",
+            "family": "m",
+            "model": "M-500",
+            "system_mode": "panorama",
+            "serial": "111111111111111",
+            "vm_mac_base": "7C:89:C2:23:5E:00",
+            "vm_mac_count": "256",
+            "vm_uuid": "564DC7A1-AFF0-E437-CC50-38F1EA7643BC",
+            "vm_cpuid": "ESX:C3060300FFFBAB1F",
+            "vm_license": "VM-50",
+            "vm_cap_tier": "5.5 GB",
+            "vm_cores": "2",
+            "vm_mem": "5590336",
+            "vm_mode": "VMware ESXi",
+            "cloud_mode": "non-cloud",
+            "sw_version": "10.0.9",
+            "global_protect_client_package_version": "0.0.0",
+            "device_dictionary_version": "54-338",
+            "device_dictionary_release_date": "2022/07/21 18:47:34 PDT",
+            "app_version": "8596-7477",
+            "app_release_date": "2022/07/25 14:35:05 PDT",
+            "av_version": "0",
+            "threat_version": "8596-7477",
+            "threat_release_date": "2022/07/25 14:35:05 PDT",
+            "wf_private_version": "0",
+            "wf_private_release_date": "unknown",
+            "url_db": "paloaltonetworks",
+            "wildfire_version": "0",
+            "wildfire_rt": "Disabled",
+            "url_filtering_version": "20220804.20046",
+            "global_protect_datafile_version": "unknown",
+            "global_protect_datafile_release_date": "unknown",
+            "global_protect_clientless_vpn_version": "0",
+            "logdb_version": "10.0.3",
+            "plugin_versions": {
+                "entry": [
+                    {
+                        "pkginfo": "vm_series-2.1.4"
+                    },
+                    {
+                        "pkginfo": "dlp-1.0.3"
+                    }
+                ]
+            },
+            "platform_family": "vm",
+            "vpn_disable_mode": "off",
+            "multi_vsys": "off",
+            "operational_mode": "normal",
+            "device_certificate_status": "None"
+        }
+    }
+}
diff --git a/...PAN_OS_Upgrade_Services/Integrations/PAN_OS_Upgrade_Assurance/PAN_OS_Upgrade_Assurance.py b/...PAN_OS_Upgrade_Services/Integrations/PAN_OS_Upgrade_Assurance/PAN_OS_Upgrade_Assurance.py
@@ -273,6 +273,8 @@ def main():
     panorama_password = demisto.params().get("panorama_password")
     panorama = get_panorama(panorama_ip, panorama_user, panorama_password)
 
+    handle_proxy()
+
     command = demisto.command()
     try:
         if command == "pan-os-assurance-run-readiness-checks":

diff --git a/release.md b/release.md
@@ -1,5 +1,3 @@
-Features:
- * Added ARP Table Session Exist check. This allows the user to specify a specific item exists in the
-   arp table when running the checks.
- * Updated the Assurance playbook to run the readiness checks before AND after the upgrade process to ensure
-   changes in those checks are visualized in the incidents.
+Fixes:
+ * Fix incorrect handling of M- series appliances running in Panorama Mode
+ * Add handle_proxy() to support XSOAR proxy sessions in both new integrations