https://live.paloaltonetworks.com/t5/general-topics/vulnerability-av-etc-setup-best-initial-approach/m-p/48917#M36025 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P>if you need to enforce something, I suggest you tu use vwire mode (transparent).</P><P>Putting PAN in vwire is quite simple but it's better if some Network Administrator can help you (to have no downtime in the network).</P><P></P><P>Create 2 policy (from trust to untrust and vice-versa) with IPS profile you desire but ALLOW all traffic to flow through.</P><P></P><P>Then, look at Threat Log and start the tuning process <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Have fun!</P></BODY></HTML> Sun, 04 Sep 2011 16:12:30 GMT migration 2011-09-04T16:12:30Z https://live.paloaltonetworks.com/t5/general-topics/vulnerability-av-etc-setup-best-initial-approach/m-p/48915#M36023 <HTML><HEAD></HEAD><BODY><P>I'm new to the 5060 and I'd like to phase in some IPS functionality over the next week.&nbsp; This is a production system sitting in front of fairly busy site, so I'm a little nervous....&nbsp; especially being totally new to the PAN OS.</P><P></P><P>What's the best approach in configuring some of the IPS features and applying them to my front-end traffic?&nbsp; Is there an easy way to apply this in a "transparent" mode so I can just see what it sees and then start to enforce blocking as needed from there?</P><P></P><P>Thanks in advance.</P></BODY></HTML> Mon, 29 Aug 2011 15:23:28 GMT https://live.paloaltonetworks.com/t5/general-topics/vulnerability-av-etc-setup-best-initial-approach/m-p/48915#M36023 cmaier 2011-08-29T15:23:28Z https://live.paloaltonetworks.com/t5/general-topics/vulnerability-av-etc-setup-best-initial-approach/m-p/48916#M36024 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>There is no simple answer as it differs from network to network.&nbsp; But as you are new to PAN-OS, so it will be great if you could put our box in tap mode, create policy with security profiles (vulnerability, anti-spyware, AV) enabled using "alert" as the action. Then you will see what "we" see and draft your necessary plan.</P></BODY></HTML> Tue, 30 Aug 2011 02:47:13 GMT https://live.paloaltonetworks.com/t5/general-topics/vulnerability-av-etc-setup-best-initial-approach/m-p/48916#M36024 jleung 2011-08-30T02:47:13Z https://live.paloaltonetworks.com/t5/general-topics/vulnerability-av-etc-setup-best-initial-approach/m-p/48917#M36025 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P>if you need to enforce something, I suggest you tu use vwire mode (transparent).</P><P>Putting PAN in vwire is quite simple but it's better if some Network Administrator can help you (to have no downtime in the network).</P><P></P><P>Create 2 policy (from trust to untrust and vice-versa) with IPS profile you desire but ALLOW all traffic to flow through.</P><P></P><P>Then, look at Threat Log and start the tuning process <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Have fun!</P></BODY></HTML> Sun, 04 Sep 2011 16:12:30 GMT https://live.paloaltonetworks.com/t5/general-topics/vulnerability-av-etc-setup-best-initial-approach/m-p/48917#M36025 migration 2011-09-04T16:12:30Z