• Home
  • Expertise
  • SecureDNS
  • WiFi\Router
  • EDR
  • Patch
  • Links
  • FAQ
  • Zero Trust
  • Blue Team
  • Monitoring
  • More
    • Home
    • Expertise
    • SecureDNS
    • WiFi\Router
    • EDR
    • Patch
    • Links
    • FAQ
    • Zero Trust
    • Blue Team
    • Monitoring
  • Home
  • Expertise
  • SecureDNS
  • WiFi\Router
  • EDR
  • Patch
  • Links
  • FAQ
  • Zero Trust
  • Blue Team
  • Monitoring

Setting up external monitoring on the Free…

Setup a free account on uptimerobot.com

This gives you up to 50 resources to monitor, but notifies only 1 email address, no one said it couldnt be a distribution list ¯\_(ツ)_/¯. 


You can pay a small fee for additional users etc. But pay if you can its inexpensive

Setup a Palo Alto, they have steps if you use other types

  1. https://uptimerobot.com/help/locations/#:~:text=Tips%20for%20adding%20our%20monitoring%20IPs%20to%20your%20firewall.
    1. WARNING: Make sure to use applications for your security policies
    2. PROTECT your management interface!
    3. Setup an External Dynamic List
      1. Objects -> External Dynamic Lists -> Add
      2. Enter the info for their external IP list https://uptimerobot.com/inc/files/ips/IPv4.txt
      3. Test the source URL to ensure the PAN has access
      4. Create your security policies
        1. Make sure its above your DENY Inbound Connections policy!
          1. If you dont have one I highly recommend it only if you are not hosting any internal applications required by outside users (ie websites, email, etc).

 

  1. Make sure you have a Interface Management Policy
    1. If you already have one for external Management its still protected by your security policies (if not create one!).
      1. The security policy for this should only allow ping and icmp is by application.
      2. Make sure you have one for  management access with a source IP selected of a static trusted IP address (another office, data center, etc.) for SSL (HTTPS) and SSH applications.
    2. Network -> Interface -> Management 
    3. Allow only Ping
      1. If you allow others, its okay as long as you have it protected by source IP!

  1. You dont need to put IP’s in here, your security policy is doing that protection for you.
  2. Setup your Ping monitor on your dashboard dashboard.uptimerobot.com
  3. Thats It! Add all your things!

Copyright © 2019 SKRZ Security - All Rights Reserved.


Powered by