Ignite '17 edition, Kiwi's favorites Part 1

Community Team Member

Here are a few of my favorite questions posted on our wall @ Ignite.


In 7.x, can I set URL blocks to critical rather than informational so my SIEM can see "critical" drops?


No! But you can use the new log forwarding filter in PAN-OS 8.0 to solve your problem.


This question was posted several times and occasionally pops up on the discussion forum as well. Before PAN-OS 8.0, log forwarding wasn't very granular: a log forwarding profile sent every log of a given type and severity, so most of the time you ended up with a flood of unwanted logs on the SIEM that you still had to filter through on the receiving end.


With PAN-OS 8.x, the log forwarding profile accepts a filter, and you build it with the same expression syntax you already use in the Monitor tab. That means you can forward only the URL filtering entries that match, for example, a block action, instead of relying on severity alone.


[Screenshot: 2017-06-20_16-42-03.png, log forwarding filter in PAN-OS 8.x]


Check out the following tutorial on filtered log forwarding: Filtered Log Forwarding
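To make the idea concrete, here is an added example (my own illustration, not code from the original post or from Palo Alto Networks) that models what a filtered log forwarding profile does: a Monitor-tab-style expression such as `(action eq block-url)` is parsed and applied to log records, and only the matching records are handed to the SIEM. The log records are constructed sample URL filtering entries, and their field names are assumptions chosen to mirror the Monitor tab; real firewall syslog output has more fields. Values are single tokens (no quoting), and `and` binds tighter than `or`.

```python
"""Evaluate PAN-OS Monitor-tab-style log filters against log records.

Added example, not code from the original post or from Palo Alto Networks.
It models PAN-OS 8.x filtered log forwarding: the same filter syntax you
type in the Monitor tab decides which records are forwarded to the SIEM.
The records below are constructed sample URL-filtering log entries, and
the field names are assumptions, not the real syslog field layout.
"""
import re
from typing import Callable, Dict, List

Record = Dict[str, str]
Matcher = Callable[[Record], bool]

# Tokens: parentheses, or runs of non-space characters that are not parentheses.
TOKEN_RE = re.compile(r"\(|\)|[^\s()]+")

# Comparison operators supported by this small evaluator (case-insensitive).
_OPS: Dict[str, Callable[[str, str], bool]] = {
    "eq": lambda a, b: a.lower() == b.lower(),
    "neq": lambda a, b: a.lower() != b.lower(),
    "contains": lambda a, b: b.lower() in a.lower(),
}


class FilterParser:
    """Recursive-descent parser for '(field op value) and/or (...)' expressions."""

    def __init__(self, text: str) -> None:
        self.tokens = TOKEN_RE.findall(text)
        self.pos = 0

    def _peek(self) -> str:
        return self.tokens[self.pos] if self.pos < len(self.tokens) else ""

    def _next(self) -> str:
        tok = self._peek()
        self.pos += 1
        return tok

    def parse(self) -> Matcher:
        expr = self._parse_or()
        if self.pos != len(self.tokens):
            raise ValueError(f"unexpected token {self._peek()!r}")
        return expr

    def _parse_or(self) -> Matcher:
        left = self._parse_and()
        while self._peek().lower() == "or":
            self._next()
            right = self._parse_and()
            left = (lambda l, r: lambda rec: l(rec) or r(rec))(left, right)
        return left

    def _parse_and(self) -> Matcher:
        left = self._parse_term()
        while self._peek().lower() == "and":
            self._next()
            right = self._parse_term()
            left = (lambda l, r: lambda rec: l(rec) and r(rec))(left, right)
        return left

    def _parse_term(self) -> Matcher:
        if self._next() != "(":
            raise ValueError("expected '('")
        if self._peek() == "(":
            # Nested group: ((a eq b) or (c eq d))
            inner = self._parse_or()
        else:
            # Leaf: (field op value); a missing field compares as empty string.
            field, op, value = self._next(), self._next().lower(), self._next()
            if op not in _OPS:
                raise ValueError(f"unknown operator {op!r}")
            cmp = _OPS[op]
            inner = lambda rec, f=field, v=value, c=cmp: c(rec.get(f, ""), v)
        if self._next() != ")":
            raise ValueError("expected ')'")
        return inner


def forwarded(records: List[Record], filter_text: str) -> List[Record]:
    """Return only the records the forwarding filter matches (what the SIEM sees)."""
    match = FilterParser(filter_text).parse()
    return [rec for rec in records if match(rec)]


# Constructed sample URL-filtering log records (not real PAN-OS output).
SAMPLE_URL_LOGS: List[Record] = [
    {"rule": "allow-web", "category": "computer-and-internet-info",
     "action": "alert", "url": "example.com/", "severity": "informational"},
    {"rule": "block-malware", "category": "malware",
     "action": "block-url", "url": "bad.example/payload", "severity": "informational"},
    {"rule": "block-gambling", "category": "gambling",
     "action": "block-url", "url": "casino.example/", "severity": "informational"},
    {"rule": "allow-web", "category": "command-and-control",
     "action": "block-continue", "url": "c2.example/beacon", "severity": "informational"},
]

if __name__ == "__main__":
    # Only blocked malware / C2 hits are forwarded; all URL logs share severity
    # "informational", so a severity-based profile alone could not do this.
    flt = "(action eq block-url) and ((category eq malware) or (category eq command-and-control))"
    for rec in forwarded(SAMPLE_URL_LOGS, flt):
        print(rec["rule"], rec["action"], rec["url"])
```

Note that every sample record has severity `informational`, which is exactly the original question's problem: a profile keyed on severity cannot separate blocks from allows, while a filter on `action` (or `category`) can.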


When will WildFire be able to analyse file types other than .pdf & .doc?


WildFire analyses far more than PDF and Office documents. Supported types include:

  • PE files (Windows executables)
  • Email links
  • Android packages (APK)
  • Mac OS X files
  • PDF
  • and many more


As for the WildFire Portal, it supports Windows Executables, Portable Document Format (PDF), Microsoft Office files, and Android APK files.


Note that WildFire can be enabled free of charge and doesn't require a license to be activated. That said, there are some limitations to the free version.


The free version only supports uploading of PE (Portable Executable) files. PE is the Windows executable format behind .exe, .dll, .scr and other extensions; what counts is the header magic at the start of the file, not the file extension, so a renamed executable is still a PE file.

The free version also doesn't provide the WildFire signature feed (the five-minute updates); you are limited to the WildFire signatures delivered through the licensed Threat Prevention updates.
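Since "PE file" is defined by the header rather than the extension, here is an added example (my own illustration, not code from the original post or from Palo Alto Networks) that decides whether a blob of bytes is a PE by checking the `MZ` DOS magic and the `PE\0\0` signature at the offset stored in `e_lfanew`, the same way file-type identification works regardless of what the file is called. The header bytes it tests are constructed in memory and are not a runnable program; the helper names (`is_pe`, `pe_machine`, `build_fake_pe`) are mine.

```python
"""Identify PE files by header magic rather than by extension.

Added example, not code from the original post or from Palo Alto Networks.
It illustrates the point above: the WildFire free tier accepts PE files, and
"PE" is defined by the file header, not the extension, so renaming a .exe
to .txt does not change what it is. The sample bytes below are constructed
in-memory headers (a valid MZ/PE header pair with nothing behind it).
"""
import struct
from pathlib import Path
from typing import Optional

MZ_MAGIC = b"MZ"          # DOS header e_magic at offset 0
PE_SIGNATURE = b"PE\0\0"  # NT headers signature located at offset e_lfanew
E_LFANEW_OFFSET = 0x3C    # little-endian uint32 holding the PE signature offset

# COFF header Machine field (2 bytes immediately after the PE signature).
MACHINE_NAMES = {0x014C: "i386", 0x8664: "x86-64", 0x01C0: "ARM", 0xAA64: "ARM64"}


def is_pe(data: bytes) -> bool:
    """True if data carries a well-formed MZ/PE header pair, whatever its name."""
    if len(data) < E_LFANEW_OFFSET + 4 or data[:2] != MZ_MAGIC:
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, E_LFANEW_OFFSET)
    # e_lfanew is attacker-controlled; refuse offsets outside the buffer so a
    # truncated or malformed file cannot make us read past the end.
    if e_lfanew + 4 > len(data):
        return False
    return data[e_lfanew:e_lfanew + 4] == PE_SIGNATURE


def pe_machine(data: bytes) -> Optional[str]:
    """Name of the target architecture, or None if data is not a PE file."""
    if not is_pe(data):
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, E_LFANEW_OFFSET)
    if e_lfanew + 6 > len(data):
        return None
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    return MACHINE_NAMES.get(machine, f"unknown(0x{machine:04x})")


def looks_like_pe_file(path: Path) -> bool:
    """Read only the first 4 KiB of a file on disk and classify it by magic."""
    with path.open("rb") as fh:
        head = fh.read(4096)
    return is_pe(head)


def build_fake_pe(machine: int = 0x8664, e_lfanew: int = 0x80) -> bytes:
    """Constructed minimal MZ+PE header (test fixture, not an executable)."""
    buf = bytearray(e_lfanew + 24)
    buf[:2] = MZ_MAGIC
    struct.pack_into("<I", buf, E_LFANEW_OFFSET, e_lfanew)
    buf[e_lfanew:e_lfanew + 4] = PE_SIGNATURE
    struct.pack_into("<H", buf, e_lfanew + 4, machine)
    return bytes(buf)


if __name__ == "__main__":
    sample = build_fake_pe()
    print("fake PE:", is_pe(sample), pe_machine(sample))
    print("PDF bytes:", is_pe(b"%PDF-1.7\n%\xe2\xe3\xcf\xd3\n"))
    print("truncated PE:", is_pe(sample[:0x40]))
```

The truncated case matters in practice: a plain DOS `MZ` stub or a file cut off before the NT headers is not a PE, and the bounds check on `e_lfanew` is what keeps a crafted header from turning the classifier into an out-of-bounds read.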


Live offers plenty of information about WildFire. Here are just a few of the many links you might find useful:


What's the recommended naming scheme to follow when creating security policies?


There is no recommended naming scheme. Just decide what suits your environment and use it consistently for your rules. If all else fails ... keep it simple!


Personally, I prefer to use tags in my rules ... if I want to see only a set of rules, then I just filter the view by specifying the tag.


Check out this awesome tutorial on Tag Browser: Tag Browser


Please feel free to leave questions or comments. Let me know what you'd like me to tackle next.


Kiwi out.
