Armis automatically updates the Palo Alto Networks NGFW by adding the compromised device to an
External Dynamic List (EDL). The EDL is hosted on the Armis virtual appliance so that it may be used in a
NGFW policy to deny, drop or reset a connection.