https://live.paloaltonetworks.com/t5/general-topics/upgrade-to-6-1-1-and-problem-with-vulnerability-protection/m-p/37673#M27603 <HTML><HEAD></HEAD><BODY><P>Thank you roe answer</P><P></P><P>Yes, the configuration was not changed after upgrade, but THAT signature started blocking valuable server, so I decided to change the rule.</P><P></P><P>Probably,&nbsp; "exception" feature has changed the logic in new version?</P></BODY></HTML> Fri, 02 Jan 2015 14:38:53 GMT Oleksandr 2015-01-02T14:38:53Z https://live.paloaltonetworks.com/t5/general-topics/upgrade-to-6-1-1-and-problem-with-vulnerability-protection/m-p/37671#M27601 <HTML><HEAD></HEAD><BODY><P>Hi guys,</P><P></P><P>I had a problem with Vulnerability Protection profile.</P><P></P><P>I created Custom Vulnerability signature with exception for only one (1) IP address. But after upgrading to 6.1.1 version (from 6.0.5) this exception stopped working... I had to copletelywrite a new rule to exempt this IP from scanning...</P><P>The signature was based on 40015 (SSH Brute-force).</P><P></P><P></P><P>Any ideas?</P><P></P><P>Thank you!</P><P></P><P>Alex</P></BODY></HTML> Wed, 31 Dec 2014 17:31:27 GMT https://live.paloaltonetworks.com/t5/general-topics/upgrade-to-6-1-1-and-problem-with-vulnerability-protection/m-p/37671#M27601 Oleksandr 2014-12-31T17:31:27Z https://live.paloaltonetworks.com/t5/general-topics/upgrade-to-6-1-1-and-problem-with-vulnerability-protection/m-p/37672#M27602 <HTML><HEAD></HEAD><BODY><P>Was the configuration still present but not working or was the customization of the signature lost in the upgrade?</P><P></P><P>Either way, you should probably create a support case with this information so a bug can be logged and the upgrade issue corrected in future releases.</P></BODY></HTML> Thu, 01 Jan 2015 13:22:14 GMT https://live.paloaltonetworks.com/t5/general-topics/upgrade-to-6-1-1-and-problem-with-vulnerability-protection/m-p/37672#M27602 pulukas 2015-01-01T13:22:14Z https://live.paloaltonetworks.com/t5/general-topics/upgrade-to-6-1-1-and-problem-with-vulnerability-protection/m-p/37673#M27603 <HTML><HEAD></HEAD><BODY><P>Thank you roe answer</P><P></P><P>Yes, the configuration was not changed after upgrade, but THAT signature started blocking valuable server, so I decided to change the rule.</P><P></P><P>Probably,&nbsp; "exception" feature has changed the logic in new version?</P></BODY></HTML> Fri, 02 Jan 2015 14:38:53 GMT https://live.paloaltonetworks.com/t5/general-topics/upgrade-to-6-1-1-and-problem-with-vulnerability-protection/m-p/37673#M27603 Oleksandr 2015-01-02T14:38:53Z https://live.paloaltonetworks.com/t5/general-topics/upgrade-to-6-1-1-and-problem-with-vulnerability-protection/m-p/37674#M27604 <HTML><HEAD></HEAD><BODY><P>We have many exceptions setup in our signatures and it is NOT normal for the behavior to change in an upgrade.&nbsp; Based on your description, this is most likely a software bug that should be reported with a ticket to Palo Alto support.</P></BODY></HTML> Fri, 02 Jan 2015 21:27:52 GMT https://live.paloaltonetworks.com/t5/general-topics/upgrade-to-6-1-1-and-problem-with-vulnerability-protection/m-p/37674#M27604 pulukas 2015-01-02T21:27:52Z