LiveWeek 17 November 2017

Community Team Member

Great new and updated articles this week in AWS and Azure, cloud services, management and learning -- let's get right to it! 



NEW!! Self-Inflicted AWS Auto-Scaling Failures

In AWS, the auto scaling process can fail for multiple reasons. Check out some self-inflicted causes for auto-scaling failures in AWS. We also discuss how to avoid these self-inflicted failures by following a few simple best practices.  



NEW!! Understanding FILES and TOP FILE TYPES in SaaS report

How the columns FILES and TOP FILE TYPES are generated inside the SaaS report. There can be cases where the FILES column shows a significant number of files but TOP FILE TYPE does not show any entry. How can this happen?



NEW!! Sizing Storage for the Logging Service

When purchasing Palo Alto Networks devices or services, log storage is an important consideration. Ensuring sufficient log retention enables operations by ensuring data is available to administrators for troubleshooting and incident response. But how do you size for storage of the logging service?


NEW!! Creating a lab to test ICS/SCADA protocols

Organizations with industrial control systems (ICS) have been on a path to secure the border between IT (corporate network) and OT (ICS network) for some time. This document shows how to simulate the IT/OT boundary in order to test appID, userID, and other features within the Palo Alto Networks firewall. This entire lab can be virtualized on a single laptop.


NEW!! What is an Antivirus collision in the case of a False Positive, and how can we deal with it?

Antivirus collision is a case where a signature created for one malware file, or a malware family, triggers on a benign file unrelated to original file for which the signature was created. In order to understand it a little better, read the background information and detailed explanation offered in this article.


UPDATED!! Difference Between SSL Forward-Proxy and Inbound Inspection Decryption Mode

When configuring SSL decryption policy in order to define SSL traffic eligible for decryption, you have to make a choice between 2 different types/modes:

  • SSL Forward-Proxy
  • SSL Inbound Inspection

Here we learn the difference between the two modes.


A reader's comment on the article: Excellent!

Thank you! We're happy it's of help to you!



UPDATED!! IPSec VPN IKE Phase 1 is Down but Tunnel is Active

Inside  WebGUI > Network> IPSec Tunnels, the IKE Gateway Status (Phase 1) light is red, whereas the IPSec Tunnel (Phase 2) light is green. However, traffic still continues to flow through the tunnel properly.  After some time, the IKE Gateway Status light returns to green. Is this normal?


A comment on this article by JasonAtherton

I actually found the answer online without calling in.  This is great.

Thanks for the article.

 Thanks for your comment, @JATH! Glad we could help!




Ask questions and #GetAnswers here in the Live Community, but now we have a question and challenge for you! Responding to either reaps great rewards for you, including a nice accumulation of community badges.


What is your favorite Palo Alto Networks feature?

Did it help solve a problem you were facing?

Be sure your story is counted among the best of them -- it will help you on your way to earning more community badges -- or even your first!



Reaper's challenge still stands, and that nice, cozy-warm hoodie is yet unclaimed! It could be yours -- easily, too! Show off those hacking skills, or just send us a funny pic (c'mon) or a spoof of your liking and ours. Easy peasy, and it earns you a special badge, fame, recognition and who knows where that may take you|? But, remember, you must play to win!



#GetAnswers | YouTube

3610 subscribers (up ~100 from last week!)

279,146 views (up ~10,000 from last week!)

Live Community YouTube channel


Ask your questions about our videos here in the Live Community. Make connections. Share knowledge. Learn more.




LinkedIn/Facebook/Google+ Posts              

  • 2018 Cybersecurity predictions and recommendations: Cyber hygiene for financial institutions found non-compliant with SWIFT mandatory security controls
  • Palo Alto Networks volunteers spent the day assembling 1,000 special ops teddy bears for U.S. military active duty families. Learn more about Operation Teddy Bear:
  • Learn why ransomware hurts so much and is so hard to stop  

2018 Predictions & Recommendations


Culture & Diversity



Service Provider





@jdelio@reaper@kiwi @cstancill @Lucky @kwall00 @syadav @jperry1 


Till next time--



Ask Questions Get Answers Join the Live Community