https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20446#M14913 <HTML><HEAD></HEAD><BODY><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote"> <P>bgranholm schrieb:</P> <P></P> <P>We were thinking that we could just block them at the firewall but the firewall doesn't recognize OS that I know of.</P> <P></P> </PRE><P>GlobalProtect knows the OS <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span> So does the Firewall</P></BODY></HTML> Wed, 25 Jun 2014 13:16:28 GMT gafrol 2014-06-25T13:16:28Z https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20442#M14909 <HTML><HEAD></HEAD><BODY><P>Does anyone know if there is a way to block traffic sourced from a specific OS in our network?</P><P>We were discussing legacy Windows XP machines. Since they are no longer supported or being updated it would be nice to be able to block them from the internet but allow internal connections to them. (We have a couple of legacy programs we need to keep for customers that either dont exist any more or were never updated to run on anything but windows XP)</P><P>We were thinking that we could just block them at the firewall but the firewall doesn't recognize OS that I know of.</P><P>We could certainly give them static IPs and block them based on that but it would be nice to be able to block traffic to any Windows XP machine on our network just by virtue of its OS.</P><P></P><P>Any thoughts?</P><P></P><P>Thanks,</P><P></P><P>Ben</P></BODY></HTML> Tue, 24 Jun 2014 13:55:28 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20442#M14909 bgranholm 2014-06-24T13:55:28Z https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20443#M14910 <HTML><HEAD></HEAD><BODY><P>For web applications there is a user posted solution for detecting the Windows XP agent and blocking access.</P><P></P><P><A href="https://live.paloaltonetworks.com/docs/DOC-6948">Custom vulnerability signature for identifying Windows XP clients</A></P></BODY></HTML> Tue, 24 Jun 2014 14:05:34 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20443#M14910 pulukas 2014-06-24T14:05:34Z https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20444#M14911 <HTML><HEAD></HEAD><BODY><P>Thanks Steven, that is perfect!</P></BODY></HTML> Tue, 24 Jun 2014 14:57:16 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20444#M14911 bgranholm 2014-06-24T14:57:16Z https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20445#M14912 <HTML><HEAD></HEAD><BODY><P>if a user changes the user agent which isnt' rocket science then this won't work. this will also only work for web traffic. Look into global protect HIPS or Forescout which is a technology partner with Palo Alto Networks or a NAC solution if you want them off the network. </P></BODY></HTML> Tue, 24 Jun 2014 15:26:34 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20445#M14912 jkim2 2014-06-24T15:26:34Z https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20446#M14913 <HTML><HEAD></HEAD><BODY><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote"> <P>bgranholm schrieb:</P> <P></P> <P>We were thinking that we could just block them at the firewall but the firewall doesn't recognize OS that I know of.</P> <P></P> </PRE><P>GlobalProtect knows the OS <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span> So does the Firewall</P></BODY></HTML> Wed, 25 Jun 2014 13:16:28 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-os-specific-traffic/m-p/20446#M14913 gafrol 2014-06-25T13:16:28Z