Releases: anl-cyberscience/LQMToolset

v0.1 beta

14 Aug 14:47
This beta version of the LQMToolset supports the following devices:
  • Palo Alto devices that support the PAN-OS XML-based REST API
    • IP blocks and revokes using Palo Alto's dynamic block lists
  • Check Point firewalls
    • IP blocks using Check Point's Suspicious Activity Monitoring (SAM) firewall
  • ArcSight Logger
    • All alerts are sent to the configured device
    • ArcSight ESM should also work if the proper receiver is set up to listen for messages
Capabilities
  • Whitelisting
    • Every processed alert is checked against a master whitelist, and a whitelisted indicator is not blocked
  • Support for multiple devices of the same type
Not currently supported, or with limited support
  • IPv6 addresses and subnet ranges cannot be whitelisted
  • Palo Alto and Check Point
    • Hostname blocks
    • URL blocks