https://live.paloaltonetworks.com/t5/general-topics/is-traffic-pattern-behavior-based-detection-is-possible-in/m-p/38387#M28115 <HTML><HEAD></HEAD><BODY><P>There is no traffic baselining/anomaly detection available in the product at this time. But you could feed traffic logs into splunk and analyse from there.</P></BODY></HTML> Wed, 25 Sep 2013 07:30:24 GMT gafrol 2013-09-25T07:30:24Z https://live.paloaltonetworks.com/t5/general-topics/is-traffic-pattern-behavior-based-detection-is-possible-in/m-p/38386#M28114 <HTML><HEAD></HEAD><BODY><P>Hi All,.</P><P></P><P>Is Traffic Pattern / behavior based detection is possible in PaloAlto as in the Cisco,.</P><P></P><P>In Cisco it works as fallows,.if we have enabled traffic sensor for particular time period it will calculate the percentage of traffic based on protocols as shown below</P><P></P><P>HTTP - 30%&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; FTP - 20%&nbsp;&nbsp; HTTPS- 50%&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; and this information will be used in future traffic analysis, for eg : If HTTP traffic goes above or below the 30% then it send alerts to administrator and same for the FTP (above or below 20% and HTTPS 50%).</P><P></P><P></P><P>Regards,</P><P>Gururaj</P></BODY></HTML> Wed, 25 Sep 2013 05:35:59 GMT https://live.paloaltonetworks.com/t5/general-topics/is-traffic-pattern-behavior-based-detection-is-possible-in/m-p/38386#M28114 Gururaj 2013-09-25T05:35:59Z https://live.paloaltonetworks.com/t5/general-topics/is-traffic-pattern-behavior-based-detection-is-possible-in/m-p/38387#M28115 <HTML><HEAD></HEAD><BODY><P>There is no traffic baselining/anomaly detection available in the product at this time. But you could feed traffic logs into splunk and analyse from there.</P></BODY></HTML> Wed, 25 Sep 2013 07:30:24 GMT https://live.paloaltonetworks.com/t5/general-topics/is-traffic-pattern-behavior-based-detection-is-possible-in/m-p/38387#M28115 gafrol 2013-09-25T07:30:24Z