Palo Alto Checklist

Palo Alto Networks Next-Genera
Network Security and Best Practice Ana

Need Help? Contact us online at www.consigas.com or give us a call
We are a Palo Alto Networks Certified Professional Service Provider (

all day every day. Let us share our experience with you to make your
important a piece of mind by truly securing your valuable IT assets
Network Security Best Practise/Site

Preparation
Device Configuration - Adapt the general system configuration to best practices
Upgrade the PAN-OS operating system software to the latest recommended release (v8.1.6)
Check interface status and settings for potential duplex mismatch
General Device Settings - configure the Hostname
General Device Settings - define a Login Banner
General Device Settings - enable "Automatically Acquire Commit Lock"
General Device Settings - enable "Certificate Expiration Check"
General Device Settings - enable NTP Time Synchonization
General Device Settings - configure "NTP Server Authentication"
FireWall Administrator Authentication - configure an Authentication profile
FireWall Administrator Authentication - Remove the default admin account
FireWall Administrator Authentication - configure a Certificate profile in the Authentication Settings
FireWall Administrator Authentication - set the "Idle Timeout" in the Authentication Settings to 10 minutes or less
FireWall Administrator Authentication - set the "Failed Attempts" in the Authentication Settings to 5 or fewer
FireWall Administrator Authentication - set the "Lockout Time" in the Authentication Settings to a 30 minutes
FireWall Administrator Authentication - configure "Minimum Password Complexity"
FireWall Administrator Authentication - ensure 'Minimum Length' is greater than or equal to 12
FireWall Administrator Authentication - ensure 'Minimum Uppercase Letters' is greater than or equal to 1
FireWall Administrator Authentication - ensure 'Minimum Lowercase Letters' is greater than or equal to 1
FireWall Administrator Authentication - ensure 'Minimum Numeric Letters' is greater than or equal to 1
FireWall Administrator Authentication - ensure 'Minimum Special Characters' is greater than or equal to 1
FireWall Administrator Authentication - ensure 'Required Password Change Period' is less than or equal to 90 days
FireWall Administrator Authentication - ensure 'New Password Differs By Characters' is greater than or equal to 3
FireWall Administrator Authentication - ensure 'Prevent Password Reuse Limit' is set to 24 or more passwords
FireWall Administrator Authentication - ensure 'Password Profiles' do not exist
FireWall Administrator Authentication - ensure administrators use a Password profile if applicable
FireWall Administrator Authentication - create and use Admin roles
FireWall Mgmt Interface - Network Interface Management profiles
FireWall Mgmt Interface - ensure "Permitted IP Addresses" is set where SSH, HTTPS, or SNMP is enabled
FireWall Mgmt Interface - configure "Permitted IP Addresses"
FireWall Mgmt Interface - Limit Management Interface Services
FireWall Mgmt Interface - ensure a valid certificate is used for the GUI
FireWall Mgmt Interface - set the SNMP version to"v3" if SNMP is used
FireWall Mgmt Interface - Secure the Client communication
Enable telemetry and threat intelligence sharing
Logging - Customize Log Storage Quota
Logging - Enable "Log on High DP Load"
Logging - configure a log setting for "Informational" severity
Logging - configure a log setting for "Low" severity
Logging - configure a log setting for "Medium" severity
Logging - configure a log setting for "High" severity
Logging - configure a log setting for "Critical" severity
Logging - forward all content-based critical system logs
Logging - configure the "Configuration" log setting
Logging - set syslog "Transport" mode to "SSL"
Logging - with Panorama enable "Buffered Log Forwarding from Device"
Content Inspection settings and updates
Content Updates - verify Update Server Identity
Forward decrypted content to WildFire for analysis
Do not forward segments when TCP content Inspection queue is full
Do not forward UDP datagrams when UDP content inspection queue is full
Do not forward packets when App-ID inspection queue is full
Wildfire - forward samples for Analysis to a regional Wildfire cloud domain
Wildfire - get Wildfire to report on Grayware Files
Wildfire - enable all Session Information Settings Options are enabled
Wildfire - limit the size for portable executable (pe) files to 10 MB
Wildfire - set the file size limit for Application Package Kit (apk) files to 30 MB
Wildfire - set the file size limit for PDF files to 1,000 KB
Wildfire - set the file size limit for "ms-office" files to 2,000 KB
Wildfire - set the file size limit for "jar" files to 5 MB
Wildfire - set the file size limit for "flash" files to 5 MB
Wildfire - set the file size limit for "MacOSX" files to 1 MB
Wildfire - set the forwarding size limit for archive files to 10 MB
Wildfire - set the forwarding size limit for Linux files to 2 MB
Session Settings - enable "Rematch Sessions"
Session Settings - enable "Accelerated Aging"
Session Settings - ensure "Session Timeouts" "Default" is set to the default value
Session Settings - do not forward TCP out-of-order queue segments
AntiVirus Dynamic Updates - set update recurrence to hourly with an action to "download-and-install"
Apps & Threats Dynamic Updates - configure content updates correctly for your environment
Apps & Threats Dynamic Updates - Time delay threshold for installing new App-IDs from content updates
Wildfire Dynamic Updates - set the update recurrence to "Every Minute" with action to "download-and-install"
Global Protect Dynamic Updates - set content update recurrence to "Hourly" with action to "download-and-install"
Clientless VPN Dynamic Updates - set content update recurrence to "Hourly" with action to "download-and-install"
Customize Response Pages
High Availability
Ensure "Enable Config Sync" is selected
Ensure "Backup Peer HA1 IP Address" is configured
Mgmt Interface used for HA1 Backup
Ensure "Passive Link State" is set to "Auto"
Ensure "Preemptive" is configured as necessary
Ensure "HA Timer Settings" is set to "Recommended"
Ensure that for Control Link (HA1), "Encryption Enabled" is set as needed
Ensure that for Data Link (HA2), "Enable Session Sychronization" is selected
Ensure "HA2 Keep-alive" is enabled
Ensure "HA2 Keep-alive" Action is set to "Log Only."
Ensure either Link Monitoring or Path Monitoring is enabled (and configured)
If Link Monitoring is enabled, ensure at least one Link Group is configured
If Path Monitoring is enabled, ensure at least one Path Group is configured
Execute High Availaility Failover testing
Security Policy Restructuring and initial clean-up
Don't enable "Log at Session Start" in a rule except for troubleshooting purposes
Default Interzone Rule with Logging
Default Intrazone Rule with Logging
Default Interzone Rule set to deny
Default Intrazone Rule set to deny
Remove or modify Security policy rules with expired non-recurring schedules
Delete disabled rules
Delete unused rules
Restrict App-ID enabled rules to the application-default or a specific service
Do not disable server response inspection on Security policy rules
Description populated for each policy rule
Remove Unused Security Profiles
Antivirus Profile Decoder Actions set to "reset-both"
Antivirus Profile Decoder WildFire Actions set to "reset-both"
Antivirus Profile Packet Capture disabled
Antivirus Profile use the "reset-client" or "reset-server" Action only if required.
Antivirus Profile remove threat exceptions
Antivirus Profile remove application exceptions
Anti-Spyware Profile remove threat exceptions
Anti-Spyware - don't change the default Botent configuration
Vulnerability Protection Profile remove threat exceptions
Move uncontrolled Internet access rules to the end of the rulebase
Define the zones for rules that have the source and destination zone set to any
Place Web Access Policy at the end of the rulebase or Panorama Post-Rules
Move System rules into Panorama Pre-Rules
PBF - Enable monitoring on policy-based forwarding rules
PBF - Use a Monitor profile or specify an IP address to monitor in each policy-based forwarding rule
PBF - Policy Best Practices for Action=Forward only
Web Access Policy for Enduser Devices

User Identification
Ensure that IP addresses are mapped to usernames
Setup a dedicated FireWall service account with limited privileges for User-ID
Ensure that the User-ID service account does not have interactive logon rights
Ensure remote access capabilities for the User-ID service account are forbidden
Windows Server Monitoring - enable Log Monitor and specify the Server Log Monitor Frequency value
Windows Server Monitoring - enable Server Session Read only if required
Do not enable WMI or NetBIOS probing
Enable and set the "User Identification Timeout"
Add active directory service accounts to the Ignore User list
Define at least one "Include Network"
Define all Active Directory Server as User-ID Monitored Servers
Group Mapping - configure redundant LDAP servers
Group Mapping - in the LDAP profile, ensure "Require SSL/TLS secured connection" is enabled
Group Mapping - in the LDAP profile, ensure "Verify Server Certificate for SSL sessions" is enabled
Group Mapping - Setup Group Mapping with a dedicated list of included groups
Use X-Forwarded-For Header in User ID if a proxy is deployed
Strip X-Forwarded-For Header if a proxy is deployed
Define a User Identfication ACL in the Zone configuration if User-ID is enabled
Enable User-ID on trusted zones which users are connected to
Dedicated User-ID agents - define Access Control List to restrict access to the user-id agent from firewalls
Dedicated User-ID agents - set the User-ID agent service recovery to "Restart the Service"
Redistributed User-ID information between FireWalls
Malware scanning
Threat Prevention license installed
Antivirus profile applied to all policies
Anti-Spyware Critical/High/Medium profile
Anti-Spyware Low/Informational profile
Anti-Spyware set DNS Sinkhole to block suspicious DNS Queries
Anti-Spyware profile applied to all policies
Vulnerability Protection Low/Informational profile
Vulnerability Protection Critical/High/Medium profile
Vulnerability Protection profile applied to all policies
Wildfire license installed
Upload non-private files to Wildfire for Zero-day malware detection
Upload potentially private files to Wildfire for Zero-day malware detection
Application Control
Apply negative enforcement policy to “Block Known Bad” applications
Restrict high risk applications
Restrict non-corporate e-mail applications to a limited user group
Limit Fallback rules to port 80 & 443
Define "deny any any" rule for users in the web access groups
URL Filtering
PAN-DB URL filtering license installed
Don't set any URL categories with a Site Access action of "allow"
Block access to malicious URL categories
Block access to potentially dangerous URL categories
Ensure that the "Log container page only" setting is enabled on the URL Filtering profile
Log HTTP Header information
URL Filtering profile applied to all policies
Restrict web advertisement to a limited user group
Block access to “unknown” URLs
File Blocking
File blocking profile applied to all policies
Block the download of “PE”, Multi-Level-Encoded zip and other high risk files
Block the download of Flash and Java files
SSL Decryption
Import a Corporate CA or rollout the FireWall CA SSL Certificate to all users
Allow forwarding of decrypted content
Enforce SSL Forward Proxy verification checks in the SSL Decryption profile
Enforce SSL Protocol verification checks in the SSL Decryption profile
Block not decrypted SSL sessions with expired certificates and untrusted issuers
Apply a Decryption profile to all Decryption policy rules, including rules for traffic you don't decrypt
Block Google Quic as part of the "Block Known Bad" applications
Activate SSL Decryption for test user group
Activate SSL Decryption for all users
Credential Theft Prevention
Setup a Read Only Domain Controller "RODC" and install the User-ID as well as Credential Agent
Enable User Credential Detection
Whitelist Corporate SaaS applications
Set User Credential Submission to block or alert for all URL categories
Web Access Policy rollout
Apply new Web Access Policy to an initial test group
Apply new Web Access Policy to all users
Application Control Enforcement
Identify Applications used per usergroup and add to App rules
Delete Fallback rules
Remote Access
Use a SSL certificate signed by a public CA for the GlobalProtect Portal
Set the minimum version of your SSL/TLS service profile to "TLSv1.2"
GlobalProtect Portal Login page is disabled
Use a Trusted Root CA certificate
User Authentication - enable two-factor authentication for GlobalProtect gateway client authentication
User Authentication - set the "Failed Attempts" in the Authentication Settings to 5 or fewer
User Authentication - set the "Lockout Time" to 30 minutes
User Authentication - enable certificate based authentication for GlobalProtect gateway client authentication
Do not allow the GlobalProtect app to save user credentials
Allow users to disable the GlobalProtect App only for a specific time period
Use internal host detection
Enforce the GlobalProtect Connection for Network Access
All traffic (company and internet) is forwarded through the firewall
Remote Access is enforced to connect automatically after the user logs in (always on)
Host Information - enable GloblProtect to "Collect HIP Data"
Host Information - ensure that HIP profiles used in Security policy have at least one HIP object
Host Information - enforce HIP Profiles in the security policy
GlobalProtect remote access is rolled out to an initial test group
GlobalProtect remote access is rolled out to all mobile users
Data Centre
Reconnaissance and Denial of Service Protection
Zone Protection - Enable all Flood Protection settings and edit the default threshold values
Zone Protection - Enable all Reconnaissance Protection settings in the Zone Protection profile
Zone Protection - Enable Packet Based Attack Protection settings in the Zone Protection profile
Zone Protection - ensure the Packet Buffer Protection global setting
Zone Protection - Enable 'Packet Buffer Protection' on each Zone
Zone Protection - Apply a Zone Protection profile to each zone
Setup DoS Protection Policies and Security Profiles
Block access to and from high risk sources
Malware base Protection
Threat Prevention license installed
PAN-DB URL filtering license installed
Apply a dedicated Security Profile group for Internet Inbound traffic to all related security policies
Apply a dedicated Security Profile group for Internet Outbound traffic to all related security policies
Apply a dedicated Security Profile group for traffic between internal networks to alert on threats
Wildfire license installed
Upload non-private files to Wildfire for Zero-day malware detection
Upload potentially private files to Wildfire for Zero-day malware detection
Analyse SMTP E-Mail traffic for Zero-day malware
Limit security policies to the required zones
Protect Internet Services (Server which are reachable from the Internet)
Provide a report on all Internet Services
Group Internet Services
Rollout FireWall CA SSL Certificate to all servers
Provide SSL Certificates including private key of all Internet facing web servers
Decrypt SSL Outbound traffic to the Internet
Decrypt SSL Inbound traffic from the Internet
Enable SSH Proxy mode checks
Decrypt SSH Outbound traffic to the Internet
Decrypt SSH Inbound traffic from the Internet
Further lock down the dedicated Security Profile group for Internet Inbound traffic
Block the download and upload of high risk file types
Allow only reqiured ports (specific or application default)
Allow only specific Applications for Internet inbound traffic
Allow only specific Applications for Internet outbound traffic
Allow only specific URLs for web based Internet outbound traffic
Limit security policies to specific source and destination IP addresses or countries
Server Internet Access (Server which are able to access the Internet but are not reachable from the Internet)
Rollout FireWall CA SSL Certificate to all servers
Decrypt SSL Outbound traffic to the Internet
Decrypt SSH Outbound traffic to the Internet
Allow only reqiured ports (specific or application default)
Allow only specific Applications for Internet outbound traffic
Allow only specfic URL categories for web based Internet outbound traffic
Block the download of high risk file types
Limit security policies to specific source and destination IP addresses or subnets
Delete wide open Internet access rules
Internal Traffic
Lock down the dedicated Security Profile group for traffic between internal networks
Decrypt SSH traffic
Limit security policies to specific source and/or destination IP addresses or networks
Allow only specific Applications for internal traffic
Avoid using Application Override policies if possible
IPSEC Site to Site VPNs
Use ESP protocol in the IPSec Crypto profile
Use AES encryption in the IPSec and IKE Crypto profile
Use SHA256 or higher authentication in the IPSec and IKE Crypto profile
Use Diffie-Hellman group 2 or higher in the IPSec and IKE Crypto profile
Zero Trust
Move Internet facing applications into a dedicated DMZ
Move the most business critical applications into a dedicated zone on the FireWall
Move all datacentre applications into a dedicated zones on the FireWall
Data Loss Prevention
Ensure alerting after a threshold of credit card or Social Security numbers is detected is enabled
Ensure a secure Data Filtering profile is applied to all security policies allowing traffic to or from the Internet
Monitoring and Reporting

Logging
Set all security policies to log traffic at the end of the session
Setup a Log Forwarding profile to forward all traffic logs
Setup a Log Forwarding profile to forward all threat logs
Setup a Log Forwarding profile to forward all wildfire logs
Setup a Log Forwarding profile to forward all auth, data, tunnel and url logs
Forward all policy logs to Panorama or another centralised log storage
Threat Monitoring and Alerting
Get immediately alerted on Wildfire submissions (malware & grayware)
Get immediately alerted on critical Correlation Events
Daily report for DNS Sinkhole events
Weekly Threat Report
Appropriate usage Monitoring
Identify sanctioned SaaS applications and tag as "Sanctioned"
Weekly or Monthly report on Application and URL usage
System Monitoring
Enable E-Mail alerts for critical system logs
eration FireWall Total Target Score
Analysis Total Score

a call +353 (1) 5241014 / +1 (669) 2206685
ider (CPSP) and the Next-Generation Security Platform is what we do Site Target Score
your Next-Generation Security project a smooth experience but most Site Score
ets
CIS Controls
Security Service
BPA Ref Scored Level Task Owner Impact Impact Risk
CSG medium medium

CSG/CSTR n/a medium
ID 90 CSG n/a none
ID 91 1.1.1 Yes 1 CSG n/a none
ID 88 CSG n/a none
ID 89 CSG n/a none
ID 106 1.6.2 Yes 1 CSG low none
ID 92 155 CSG/CSTR medium low
CSG low none
ID 93 CSG/CSTR low low
ID 95 1.4.2 Yes 1 CSG low low
ID 103 202 1.3.1 Yes 1 CSG low none
1.3.2 Yes 1 CSG low none
ID 153 CSG low low
ID 154 CSG low none
1.2.5 No 2 CSG low none
ID 183 1.5.1 Yes 1 CSG/CSTR medium low
ID 99 223 CSG low none
ID 197 39 6.5 Yes 1 CSG low none
CSG n/a none
ID 177 CSG n/a none
ID 178 CSG n/a none
ID 179 CSG n/a none
ID 180 CSG n/a none
ID 181 CSG n/a none
ID 222 CSG n/a none
ID 182 CSG n/a none
ID 185 CSG medium low
ID 98 CSG n/a none

ID 203 CSG high low
ID 215 CSG low medium
ID 119 CSG n/a none
ID 117 CSG low none
ID 118 5.5 Yes 1 CSG n/a none
ID 109 5.1 Yes 1 CSG low none
ID 120 CSG low low
ID 121 CSG n/a none
ID 122 CSG n/a none
ID 214 CSG n/a none
ID 188 4.1 Yes 1 CSG high low
ID 189 4.2 Yes 1 CSG high medium
ID 194 CSG low none
ID 195 CSG n/a none
CSG low none
ID 136 CSG n/a none

ID 138 CSG n/a none
ID 141 CSG n/a none
ID 139 3.3 Yes 1 CSG n/a low
ID 142 CSG n/a none
ID 143 CSG n/a none
ID 145 CSG n/a none
ID 146 CSG n/a none
ID 150 CSG n/a none
ID 151 CSG n/a none
CSG/CSTR n/a medium
ID 6 CSG n/a none

ID 12 CSG low none
ID 13 CSG low none
ID 12 CSG high medium
CSG medium medium
ID 8 CSG n/a low
ID 11 CSG n/a low
ID 9 CSG medium low
ID 3 CSTR n/a none
ID 221 CSG n/a none
ID 34 CSG high low
ID 35 CSG n/a none
ID 206 CSG low none
ID 31 CSG low low
ID 36 CSG low low
ID 37 CSG low none
ID 41 CSG low low
CSG medium medium
ID 4 CSG medium low
CSG low low
CSG low low
ID 17 CSG n/a medium
2.1 Yes 2 CSG low none

2.7 No 1 CSG low none
ID 163 CSG low low
CSG low none
ID 165 166 210 CSG low none
CSG low none
ID 167 CSG low none
ID 199 CSG low none
ID 186 CSG low none
ID 187 CSG low none
ID 169 CSG/CSTR low none
ID 107 CSG low none
ID 108 CSG low none
ID 61 CSG low none
ID 16 62 2.3 Yes 1 CSG low none
CSG/CSTR low none
CSG/CSTR low none
CSG low none
CSG high none

6.2 Yes 1 CSG high low
ID 201 6.3 Yes 1 CSG low low
6.6 Yes 1 CSG high medium
ID 200 6.7 Yes 1 CSG low low
ID 42 6.7 Yes 1 CSG medium high
6.8 Yes 1 CSG high medium
CSG high none
5.2 Yes 1 CSG high none
ID 47 5.2 Yes 1 CSG high none
CSG high low

CSG high medium
CSG high low
ID 5 7.2 Yes 1 CSG medium medium
CSG high medium

ID 43 6.10 Yes 1 CSG medium low
ID 44 CSG n/a none
6.13 Yes 1 CSG high low
CSG medium low
ID 43 CSG critical medium
CSG low low

ID 45 CSG critical medium
ID 45 CSG high high
8.3 No 1+2 CSTR n/a low
ID 57 CSG high low
ID 58 CSG high low
ID 19 CSG high low
CSG high low
CSTR/CSG high high
8.1 Yes 1 CSTR/CSG critical high
CSTR low low

ID 207 6.20 Yes 1 CSG medium none
ID 207 6.20 Yes 1 CSG high medium
CSTR/CSG low medium

CSTR/CSG high medium

ID 208 CSG medium medium
1.6.3 No 1/2 CSTR medium none

ID 63 76 CSG low none
CSG low none
ID 65 CSG medium none
ID 77 CSTR/CSG critical medium
ID 157 CSG low low
ID 156 CSG low low
CSTR/CSG medium low
ID 66 CSG low low
ID 68 CSG n/a none
ID 71 CSG medium high
ID 78 CSG critical low
CSG high low
CSTR/CSG low low
CSTR/CSG high low

ID 87 6.19 Yes 1 CSG low medium
ID 213 CSG low low
ID 212 CSG low low
ID 26 43 49 CSG medium low
7.3 Yes 1 CSG medium low
CSG high none

CSG high none
CSG high low
CSG high low
CSG low none
CSG high none
ID 47 5.2 Yes 1 CSG high none
CSG high low
CSG medium low
CSG n/a none

CSTR n/a none
8.3 No 1+2 CSTR n/a low
CSTR n/a none
CSG critical high
ID 56 8.2 Yes 1 CSG medium medium
CSG high medium
CSG critical medium
ID 208 7.1 Yes 1+2 CSG medium low
CSG high medium
CSG medium low
CSTR n/a low

CSG critical high
CSG high medium
CSG critical medium
CSG medium low
CSG high medium
CSG high medium

CSG medium medium

CSG medium medium
CSG/CSTR high medium


CSG n/a none

ID 51 CSG n/a none
ID 52 CSG n/a none
ID 53 CSG n/a none
CSG n/a none
ID 7 CSG n/a none

CSG high none
CSG medium none
CSG medium none
ID 27 CSG n/a none

ID 28 CSG n/a none
CSG n/a none

1195
4.5
1195 n/a n/a

4.5 0 0
Site 1 Site 2 Site 3

4.5 4.5 246 0 0 247 0
4.5 4.5 81 0 0 82 0
yes 4 4 0 4
no 0 1 0 1
partially 0.5 1 0 1
other 0 1 0 1
n/a 0 0 0 1
0 1 0 1
0 1 0 1
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 4 0 4
0 1 0 1
0 0 74 0 0 74 0
0 2 0 2
0 8 0 8
0 2 0 2
0 2 0 2
0 2 0 2
0 1 0 1
0 2 0 2
0 1 0 1
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 2 0 2
0 1 0 1
0 2 0 2
0 0 14 0 0 14 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 0 77 0 0 77 0
0 1 0 1
0 2 0 2
0 2 0 2
0 8 0 8
0 4 0 4
0 1 0 1
0 1 0 1
0 2 0 2
0 4 0 4
0 4 0 4
0 1 0 1
0 1 0 1
0 8 0 8
0 8 0 8
0 1 0 1
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 4 0 4
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 0 394 0 0 394 0
0 0 44 0 0 44 0
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 0 80 0 0 80 0
0 8 0 8
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 8 0 8
0 2 0 2
0 4 0 4
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 0 36 0 0 36 0
0 8 0 8
0 8 0 8
0 8 0 8
0 4 0 4
0 8 0 8
0 0 69 0 0 69 0
0 8 0 8
0 2 0 2
0 8 0 8
0 4 0 4
0 1 0 1
0 2 0 2
0 8 0 8
0 4 0 4
0 32 0 32
0 0 42 0 0 42 0
0 2 0 2
0 32 0 32
0 8 0 8
0 0 89 0 0 89 0
0 1 0 1
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 32 0 32
0 0 16 0 0 16 0
0 2 0 2
0 4 0 4
0 2 0 2
0 8 0 8
0 0 10 0 0 10 0
0 2 0 2
0 8 0 8
0 0 8 0 0 8 0
0 4 0 4
0 4 0 4
0 0 125 0 0 125 0
0 4 0 4
0 2 0 2
0 2 0 2
0 4 0 4
0 32 0 32
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 4 0 4
0 1 0 1
0 4 0 4
0 32 0 32
0 8 0 8
0 4 0 4
0 4 0 4
0 4 0 4
0 2 0 2
0 8 0 8
0 0 397 0 0 397 0
0 0 26 0 0 26 0
0 4 0 4
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 4 0 4
0 4 0 4
0 0 70 0 0 70 0
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 4 0 4
0 0 124 0 0 124 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 32 0 32
0 4 0 4
0 4 0 4
0 8 0 8
0 8 0 8
0 8 0 8
0 32 0 32
0 4 0 4
0 4 0 4
0 4 0 4
0 8 0 8
0 4 0 4
0 0 105 0 0 105 0
0 1 0 1
0 32 0 32
0 4 0 4
0 8 0 8
0 4 0 4
0 4 0 4
0 8 0 8
0 32 0 32
0 4 0 4
0 8 0 8
0 0 28 0 0 28 0
0 8 0 8
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 0 16 0 0 16 0
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 0 24 0 0 24 0
0 8 0 8
0 8 0 8
0 8 0 8
0 0 4 0 0 4 0
0 2 0 2
0 2 0 2
0 0 33 0 0 33 0
0 0 6 0 0 6 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 0 24 0 0 24 0
0 8 0 8
0 8 0 8
0 4 0 4
0 4 0 4
0 0 2 0 0 2 0
0 1 0 1
0 1 0 1
0 0 1 0 0 1 0
0 1 0 1
n/a n/a
0 0
Site 4 Site 5
0 247 0 0 247 0 0 247
0 82 0 0 82 0 0 82
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 4 0 4 0 4
0 1 0 1 0 1
0 74 0 0 74 0 0 74
0 2 0 2 0 2
0 8 0 8 0 8
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 14 0 0 14 0 0 14
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 77 0 0 77 0 0 77
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 394 0 0 394 0 0 394

0 44 0 0 44 0 0 44
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 80 0 0 80 0 0 80
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 4 0 4 0 4
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 36 0 0 36 0 0 36
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 8 0 8 0 8
0 69 0 0 69 0 0 69
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 1 0 1 0 1
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 32 0 32 0 32
0 42 0 0 42 0 0 42
0 2 0 2 0 2
0 32 0 32 0 32
0 8 0 8 0 8
0 89 0 0 89 0 0 89
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 32 0 32 0 32
0 16 0 0 16 0 0 16
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 8 0 8 0 8
0 10 0 0 10 0 0 10
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 0 8 0 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 125 0 0 125 0 0 125

0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 32 0 32 0 32
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 4 0 4 0 4
0 1 0 1 0 1
0 4 0 4 0 4
0 32 0 32 0 32
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 8 0 8 0 8
0 397 0 0 397 0 0 397

0 26 0 0 26 0 0 26
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 70 0 0 70 0 0 70
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 124 0 0 124 0 0 124
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 32 0 32 0 32
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 32 0 32 0 32
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 4 0 4 0 4
0 105 0 0 105 0 0 105
0 1 0 1 0 1
0 32 0 32 0 32
0 4 0 4 0 4
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 32 0 32 0 32
0 4 0 4 0 4
0 8 0 8 0 8
0 28 0 0 28 0 0 28
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 16 0 0 16 0 0 16
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 24 0 0 24 0 0 24
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 0 4 0 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 33 0 0 33 0 0 33
0 6 0 0 6 0 0 6
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 24 0 0 24 0 0 24
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 0 2 0 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 0 1 0 0 1
0 1 0 1 0 1
n/a n/a n/a
0 0 0

0 0 247 0 0 247 0
0 0 82 0 0 82 0
0 4 0 4
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 4 0 4
0 1 0 1
0 0 74 0 0 74 0
0 2 0 2
0 8 0 8
0 2 0 2
0 2 0 2
0 2 0 2
0 1 0 1
0 2 0 2
0 1 0 1
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 2 0 2
0 1 0 1
0 2 0 2
0 0 14 0 0 14 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 0 77 0 0 77 0
0 1 0 1
0 2 0 2
0 2 0 2
0 8 0 8
0 4 0 4
0 1 0 1
0 1 0 1
0 2 0 2
0 4 0 4
0 4 0 4
0 1 0 1
0 1 0 1
0 8 0 8
0 8 0 8
0 1 0 1
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 4 0 4
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 0 394 0 0 394 0
0 0 44 0 0 44 0
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 0 80 0 0 80 0
0 8 0 8
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 8 0 8
0 2 0 2
0 4 0 4
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 0 36 0 0 36 0
0 8 0 8
0 8 0 8
0 8 0 8
0 4 0 4
0 8 0 8
0 0 69 0 0 69 0
0 8 0 8
0 2 0 2
0 8 0 8
0 4 0 4
0 1 0 1
0 2 0 2
0 8 0 8
0 4 0 4
0 32 0 32
0 0 42 0 0 42 0
0 2 0 2
0 32 0 32
0 8 0 8
0 0 89 0 0 89 0
0 1 0 1
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 32 0 32
0 0 16 0 0 16 0
0 2 0 2
0 4 0 4
0 2 0 2
0 8 0 8
0 0 10 0 0 10 0
0 2 0 2
0 8 0 8
0 0 8 0 0 8 0
0 4 0 4
0 4 0 4
0 0 125 0 0 125 0
0 4 0 4
0 2 0 2
0 2 0 2
0 4 0 4
0 32 0 32
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 4 0 4
0 1 0 1
0 4 0 4
0 32 0 32
0 8 0 8
0 4 0 4
0 4 0 4
0 4 0 4
0 2 0 2
0 8 0 8
0 0 397 0 0 397 0
0 0 26 0 0 26 0
0 4 0 4
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 4 0 4
0 4 0 4
0 0 70 0 0 70 0
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 4 0 4
0 0 124 0 0 124 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 32 0 32
0 4 0 4
0 4 0 4
0 8 0 8
0 8 0 8
0 8 0 8
0 32 0 32
0 4 0 4
0 4 0 4
0 4 0 4
0 8 0 8
0 4 0 4
0 0 105 0 0 105 0
0 1 0 1
0 32 0 32
0 4 0 4
0 8 0 8
0 4 0 4
0 4 0 4
0 8 0 8
0 32 0 32
0 4 0 4
0 8 0 8
0 0 28 0 0 28 0
0 8 0 8
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 0 16 0 0 16 0
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 0 24 0 0 24 0
0 8 0 8
0 8 0 8
0 8 0 8
0 0 4 0 0 4 0
0 2 0 2
0 2 0 2
0 0 33 0 0 33 0
0 0 6 0 0 6 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 0 24 0 0 24 0
0 8 0 8
0 8 0 8
0 4 0 4
0 4 0 4
0 0 2 0 0 2 0
0 1 0 1
0 1 0 1
0 0 1 0 0 1 0
0 1 0 1
n/a n/a
0 0
Site 9 Site 10
0 247 0 0 247 0 0 247
0 82 0 0 82 0 0 82
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 4 0 4 0 4
0 1 0 1 0 1
0 74 0 0 74 0 0 74
0 2 0 2 0 2
0 8 0 8 0 8
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 14 0 0 14 0 0 14
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 77 0 0 77 0 0 77
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 394 0 0 394 0 0 394

0 44 0 0 44 0 0 44
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 80 0 0 80 0 0 80
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 4 0 4 0 4
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 36 0 0 36 0 0 36
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 8 0 8 0 8
0 69 0 0 69 0 0 69
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 1 0 1 0 1
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 32 0 32 0 32
0 42 0 0 42 0 0 42
0 2 0 2 0 2
0 32 0 32 0 32
0 8 0 8 0 8
0 89 0 0 89 0 0 89
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 32 0 32 0 32
0 16 0 0 16 0 0 16
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 8 0 8 0 8
0 10 0 0 10 0 0 10
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 0 8 0 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 125 0 0 125 0 0 125

0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 32 0 32 0 32
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 4 0 4 0 4
0 1 0 1 0 1
0 4 0 4 0 4
0 32 0 32 0 32
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 8 0 8 0 8
0 397 0 0 397 0 0 397

0 26 0 0 26 0 0 26
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 70 0 0 70 0 0 70
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 124 0 0 124 0 0 124
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 32 0 32 0 32
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 32 0 32 0 32
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 4 0 4 0 4
0 105 0 0 105 0 0 105
0 1 0 1 0 1
0 32 0 32 0 32
0 4 0 4 0 4
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 32 0 32 0 32
0 4 0 4 0 4
0 8 0 8 0 8
0 28 0 0 28 0 0 28
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 16 0 0 16 0 0 16
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 24 0 0 24 0 0 24
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 0 4 0 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 33 0 0 33 0 0 33
0 6 0 0 6 0 0 6
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 24 0 0 24 0 0 24
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 0 2 0 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 0 1 0 0 1
0 1 0 1 0 1
n/a n/a n/a
0 0 0

0 0 247 0 0 247 0
0 0 82 0 0 82 0
0 4 0 4
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 4 0 4
0 1 0 1
0 0 74 0 0 74 0
0 2 0 2
0 8 0 8
0 2 0 2
0 2 0 2
0 2 0 2
0 1 0 1
0 2 0 2
0 1 0 1
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 2 0 2
0 1 0 1
0 2 0 2
0 0 14 0 0 14 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 0 77 0 0 77 0
0 1 0 1
0 2 0 2
0 2 0 2
0 8 0 8
0 4 0 4
0 1 0 1
0 1 0 1
0 2 0 2
0 4 0 4
0 4 0 4
0 1 0 1
0 1 0 1
0 8 0 8
0 8 0 8
0 1 0 1
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 4 0 4
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 0 394 0 0 394 0
0 0 44 0 0 44 0
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 0 80 0 0 80 0
0 8 0 8
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 8 0 8
0 2 0 2
0 4 0 4
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 0 36 0 0 36 0
0 8 0 8
0 8 0 8
0 8 0 8
0 4 0 4
0 8 0 8
0 0 69 0 0 69 0
0 8 0 8
0 2 0 2
0 8 0 8
0 4 0 4
0 1 0 1
0 2 0 2
0 8 0 8
0 4 0 4
0 32 0 32
0 0 42 0 0 42 0
0 2 0 2
0 32 0 32
0 8 0 8
0 0 89 0 0 89 0
0 1 0 1
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 32 0 32
0 0 16 0 0 16 0
0 2 0 2
0 4 0 4
0 2 0 2
0 8 0 8
0 0 10 0 0 10 0
0 2 0 2
0 8 0 8
0 0 8 0 0 8 0
0 4 0 4
0 4 0 4
0 0 125 0 0 125 0
0 4 0 4
0 2 0 2
0 2 0 2
0 4 0 4
0 32 0 32
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 4 0 4
0 1 0 1
0 4 0 4
0 32 0 32
0 8 0 8
0 4 0 4
0 4 0 4
0 4 0 4
0 2 0 2
0 8 0 8
0 0 397 0 0 397 0
0 0 26 0 0 26 0
0 4 0 4
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 4 0 4
0 4 0 4
0 0 70 0 0 70 0
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 4 0 4
0 0 124 0 0 124 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 32 0 32
0 4 0 4
0 4 0 4
0 8 0 8
0 8 0 8
0 8 0 8
0 32 0 32
0 4 0 4
0 4 0 4
0 4 0 4
0 8 0 8
0 4 0 4
0 0 105 0 0 105 0
0 1 0 1
0 32 0 32
0 4 0 4
0 8 0 8
0 4 0 4
0 4 0 4
0 8 0 8
0 32 0 32
0 4 0 4
0 8 0 8
0 0 28 0 0 28 0
0 8 0 8
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 0 16 0 0 16 0
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 0 24 0 0 24 0
0 8 0 8
0 8 0 8
0 8 0 8
0 0 4 0 0 4 0
0 2 0 2
0 2 0 2
0 0 33 0 0 33 0
0 0 6 0 0 6 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 0 24 0 0 24 0
0 8 0 8
0 8 0 8
0 4 0 4
0 4 0 4
0 0 2 0 0 2 0
0 1 0 1
0 1 0 1
0 0 1 0 0 1 0
0 1 0 1
n/a n/a
0 0
Site 14 Site 15
0 247 0 0 247 0 0 247
0 82 0 0 82 0 0 82
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 4 0 4 0 4
0 1 0 1 0 1
0 74 0 0 74 0 0 74
0 2 0 2 0 2
0 8 0 8 0 8
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 14 0 0 14 0 0 14
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 77 0 0 77 0 0 77
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 394 0 0 394 0 0 394

0 44 0 0 44 0 0 44
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 80 0 0 80 0 0 80
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 4 0 4 0 4
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 36 0 0 36 0 0 36
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 8 0 8 0 8
0 69 0 0 69 0 0 69
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 1 0 1 0 1
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 32 0 32 0 32
0 42 0 0 42 0 0 42
0 2 0 2 0 2
0 32 0 32 0 32
0 8 0 8 0 8
0 89 0 0 89 0 0 89
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 32 0 32 0 32
0 16 0 0 16 0 0 16
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 8 0 8 0 8
0 10 0 0 10 0 0 10
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 0 8 0 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 125 0 0 125 0 0 125

0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 32 0 32 0 32
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 4 0 4 0 4
0 1 0 1 0 1
0 4 0 4 0 4
0 32 0 32 0 32
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 8 0 8 0 8
0 397 0 0 397 0 0 397

0 26 0 0 26 0 0 26
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 70 0 0 70 0 0 70
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 124 0 0 124 0 0 124
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 32 0 32 0 32
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 32 0 32 0 32
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 4 0 4 0 4
0 105 0 0 105 0 0 105
0 1 0 1 0 1
0 32 0 32 0 32
0 4 0 4 0 4
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 32 0 32 0 32
0 4 0 4 0 4
0 8 0 8 0 8
0 28 0 0 28 0 0 28
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 16 0 0 16 0 0 16
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 24 0 0 24 0 0 24
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 0 4 0 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 33 0 0 33 0 0 33
0 6 0 0 6 0 0 6
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 24 0 0 24 0 0 24
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 0 2 0 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 0 1 0 0 1
0 1 0 1 0 1
n/a n/a n/a
0 0 0

0 0 247 0 0 247 0
0 0 82 0 0 82 0
0 4 0 4
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 4 0 4
0 1 0 1
0 0 74 0 0 74 0
0 2 0 2
0 8 0 8
0 2 0 2
0 2 0 2
0 2 0 2
0 1 0 1
0 2 0 2
0 1 0 1
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 2 0 2
0 1 0 1
0 2 0 2
0 0 14 0 0 14 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 0 77 0 0 77 0
0 1 0 1
0 2 0 2
0 2 0 2
0 8 0 8
0 4 0 4
0 1 0 1
0 1 0 1
0 2 0 2
0 4 0 4
0 4 0 4
0 1 0 1
0 1 0 1
0 8 0 8
0 8 0 8
0 1 0 1
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 4 0 4
0 2 0 2
0 2 0 2
0 1 0 1
0 1 0 1
0 1 0 1
0 0 394 0 0 394 0
0 0 44 0 0 44 0
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 2 0 2
0 0 80 0 0 80 0
0 8 0 8
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 8 0 8
0 2 0 2
0 4 0 4
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 0 36 0 0 36 0
0 8 0 8
0 8 0 8
0 8 0 8
0 4 0 4
0 8 0 8
0 0 69 0 0 69 0
0 8 0 8
0 2 0 2
0 8 0 8
0 4 0 4
0 1 0 1
0 2 0 2
0 8 0 8
0 4 0 4
0 32 0 32
0 0 42 0 0 42 0
0 2 0 2
0 32 0 32
0 8 0 8
0 0 89 0 0 89 0
0 1 0 1
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 32 0 32
0 0 16 0 0 16 0
0 2 0 2
0 4 0 4
0 2 0 2
0 8 0 8
0 0 10 0 0 10 0
0 2 0 2
0 8 0 8
0 0 8 0 0 8 0
0 4 0 4
0 4 0 4
0 0 125 0 0 125 0
0 4 0 4
0 2 0 2
0 2 0 2
0 4 0 4
0 32 0 32
0 2 0 2
0 2 0 2
0 4 0 4
0 2 0 2
0 4 0 4
0 1 0 1
0 4 0 4
0 32 0 32
0 8 0 8
0 4 0 4
0 4 0 4
0 4 0 4
0 2 0 2
0 8 0 8
0 0 397 0 0 397 0
0 0 26 0 0 26 0
0 4 0 4
0 4 0 4
0 2 0 2
0 2 0 2
0 2 0 2
0 4 0 4
0 4 0 4
0 4 0 4
0 0 70 0 0 70 0
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 2 0 2
0 8 0 8
0 8 0 8
0 8 0 8
0 8 0 8
0 4 0 4
0 0 124 0 0 124 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 32 0 32
0 4 0 4
0 4 0 4
0 8 0 8
0 8 0 8
0 8 0 8
0 32 0 32
0 4 0 4
0 4 0 4
0 4 0 4
0 8 0 8
0 4 0 4
0 0 105 0 0 105 0
0 1 0 1
0 32 0 32
0 4 0 4
0 8 0 8
0 4 0 4
0 4 0 4
0 8 0 8
0 32 0 32
0 4 0 4
0 8 0 8
0 0 28 0 0 28 0
0 8 0 8
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 0 16 0 0 16 0
0 4 0 4
0 4 0 4
0 4 0 4
0 4 0 4
0 0 24 0 0 24 0
0 8 0 8
0 8 0 8
0 8 0 8
0 0 4 0 0 4 0
0 2 0 2
0 2 0 2
0 0 33 0 0 33 0
0 0 6 0 0 6 0
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 1 0 1
0 0 24 0 0 24 0
0 8 0 8
0 8 0 8
0 4 0 4
0 4 0 4
0 0 2 0 0 2 0
0 1 0 1
0 1 0 1
0 0 1 0 0 1 0
0 1 0 1
n/a n/a
0 0
Site 19 Site 20
0 247 0 0 247 0 0 247
0 82 0 0 82 0 0 82
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 4 0 4 0 4
0 1 0 1 0 1
0 74 0 0 74 0 0 74
0 2 0 2 0 2
0 8 0 8 0 8
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 2 0 2 0 2
0 1 0 1 0 1
0 2 0 2 0 2
0 14 0 0 14 0 0 14
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 77 0 0 77 0 0 77
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 1 0 1 0 1
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 1 0 1 0 1
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 394 0 0 394 0 0 394

0 44 0 0 44 0 0 44
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 80 0 0 80 0 0 80
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 4 0 4 0 4
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 36 0 0 36 0 0 36
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 8 0 8 0 8
0 69 0 0 69 0 0 69
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 1 0 1 0 1
0 2 0 2 0 2
0 8 0 8 0 8
0 4 0 4 0 4
0 32 0 32 0 32
0 42 0 0 42 0 0 42
0 2 0 2 0 2
0 32 0 32 0 32
0 8 0 8 0 8
0 89 0 0 89 0 0 89
0 1 0 1 0 1
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 32 0 32 0 32
0 16 0 0 16 0 0 16
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 8 0 8 0 8
0 10 0 0 10 0 0 10
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 0 8 0 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 125 0 0 125 0 0 125

0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 32 0 32 0 32
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 2 0 2 0 2
0 4 0 4 0 4
0 1 0 1 0 1
0 4 0 4 0 4
0 32 0 32 0 32
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 8 0 8 0 8
0 397 0 0 397 0 0 397

0 26 0 0 26 0 0 26
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 2 0 2 0 2
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 70 0 0 70 0 0 70
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 2 0 2 0 2
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 124 0 0 124 0 0 124
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 32 0 32 0 32
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 32 0 32 0 32
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 4 0 4 0 4
0 105 0 0 105 0 0 105
0 1 0 1 0 1
0 32 0 32 0 32
0 4 0 4 0 4
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 8 0 8 0 8
0 32 0 32 0 32
0 4 0 4 0 4
0 8 0 8 0 8
0 28 0 0 28 0 0 28
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 16 0 0 16 0 0 16
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 4 0 4 0 4
0 24 0 0 24 0 0 24
0 8 0 8 0 8
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 0 4 0 0 4
0 2 0 2 0 2
0 2 0 2 0 2
0 33 0 0 33 0 0 33
0 6 0 0 6 0 0 6
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 1 0 1
0 24 0 0 24 0 0 24
0 8 0 8 0 8
0 8 0 8 0 8
0 4 0 4 0 4
0 4 0 4 0 4
0 2 0 0 2 0 0 2
0 1 0 1 0 1
0 1 0 1 0 1
0 1 0 0 1 0 0 1
0 1 0 1 0 1
PS Estimate in h
0.0 Sub-Total
0.0 Sub-Total
0.0 Sub-Total
0.0 Sub-Total
0.0 Sub-Total
0.0 h Total
Security Impact Target Score
n/a 1
low 2
medium 4
high 8
critical 32

Palo Alto Checklist

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Palo Alto Checklist

Uploaded by

Copyright:

Available Formats

Palo Alto Networks Next-Genera

Network Security and Best Practice Ana

We are a Palo Alto Networks Certified Professional Service Provider (

Network Security Best Practise/Site

Web Access Policy for Enduser Devices

Monitoring and Reporting

Analysis Total Score

CSG medium medium

ID 104 1.6.1 Yes 1 CSG low none

ID 136 CSG n/a none

ID 6 CSG n/a none

2.1 Yes 2 CSG low none

CSG high none

CSG high low

6.9 Yes 1 CSG high none

CSG low low

CSTR low low

CSTR/CSG low medium

ID 208 CSG medium low

1.6.3 No 1/2 CSTR medium none

ID 85 6.17 Yes 2 CSG medium low

CSG high none

CSG n/a none

CSTR n/a low

CSG high medium

ID 82 CSG medium medium

CSG/CSTR high medium

6.14 Yes 1 CSG low none

CSG n/a none

5.6 Yes 1 CSG high none

ID 27 CSG n/a none

CSG n/a none

1195 n/a n/a

Site 1 Site 2 Site 3

0 394 0 0 394 0 0 394

0 125 0 0 125 0 0 125

0 397 0 0 397 0 0 397

Site 6 Site 7 Site 8

0 394 0 0 394 0 0 394

0 125 0 0 125 0 0 125

0 397 0 0 397 0 0 397

Site 11 Site 12 Site 13

0 394 0 0 394 0 0 394

0 125 0 0 125 0 0 125

0 397 0 0 397 0 0 397

Site 16 Site 17 Site 18

0 394 0 0 394 0 0 394

0 125 0 0 125 0 0 125

0 397 0 0 397 0 0 397

You might also like