<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Global Protect Brute Force in GlobalProtect Discussions</title>
    <link>https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-brute-force/m-p/629350#M6136</link>
    <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/190007"&gt;@MFacella1&lt;/a&gt;,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;I would say, after all you've done thus far, authenticating via device certs should suffice as only&amp;nbsp;approved devices can initiate VPN connections. If you want additional measures, you sure can&amp;nbsp;obfuscate the portal name.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
    <pubDate>Wed, 20 Nov 2024 04:27:39 GMT</pubDate>
    <dc:creator>JayGolf</dc:creator>
    <dc:date>2024-11-20T04:27:39Z</dc:date>
    <item>
      <title>Global Protect Brute Force</title>
      <link>https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-brute-force/m-p/627322#M6130</link>
      <description>&lt;P&gt;Hello,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;I have see this discussed a bit but was wondering if there is any way to prevent a brute force attack on the VPN gateway. I have disabled the portal page and set up a vulnerability policy but that does not seem to get triggered I also have edl policies. We are using 2-factor so I think it is secure but I would like to prevent this if possible. I was thinking maybe changing the portal name and adding device certs if that would help.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thanks&lt;/P&gt;</description>
      <pubDate>Tue, 19 Nov 2024 15:19:20 GMT</pubDate>
      <guid>https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-brute-force/m-p/627322#M6130</guid>
      <dc:creator>MFacella1</dc:creator>
      <dc:date>2024-11-19T15:19:20Z</dc:date>
    </item>
    <item>
      <title>Re: Global Protect Brute Force</title>
      <link>https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-brute-force/m-p/629350#M6136</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/190007"&gt;@MFacella1&lt;/a&gt;,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;I would say, after all you've done thus far, authenticating via device certs should suffice as only&amp;nbsp;approved devices can initiate VPN connections. If you want additional measures, you sure can&amp;nbsp;obfuscate the portal name.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 20 Nov 2024 04:27:39 GMT</pubDate>
      <guid>https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-brute-force/m-p/629350#M6136</guid>
      <dc:creator>JayGolf</dc:creator>
      <dc:date>2024-11-20T04:27:39Z</dc:date>
    </item>
  </channel>
</rss>

