LiveWeek 17 November 2017

by 4 weeks ago - last edited 3 weeks ago (1,330 Views)

Great new and updated articles this week in AWS and Azure, cloud services, management and learning -- let's get right to it! 

 

AWS/AZURE

NEW!! Self-Inflicted AWS Auto-Scaling Failures

In AWS, the auto scaling process can fail for multiple reasons. Check out some self-inflicted causes for auto-scaling failures in AWS. We also discuss how to avoid these self-inflicted failures by following a few simple best practices.  

 

CLOUD SERVICES

NEW!! Understanding FILES and TOP FILE TYPES in SaaS report

How the columns FILES and TOP FILE TYPES are generated inside the SaaS report. There can be cases where the FILES column shows a significant number of files but TOP FILE TYPE does not show any entry. How can this happen?

 

LEARNING

NEW!! Sizing Storage for the Logging Service

When purchasing Palo Alto Networks devices or services, log storage is an important consideration. Ensuring sufficient log retention enables operations by ensuring data is available to administrators for troubleshooting and incident response. But how do you size for storage of the logging service?

 

NEW!! Creating a lab to test ICS/SCADA protocols

Organizations with industrial control systems (ICS) have been on a path to secure the border between IT (corporate network) and OT (ICS network) for some time. This document shows how to simulate the IT/OT boundary in order to test appID, userID, and other features within the Palo Alto Networks firewall. This entire lab can be virtualized on a single laptop.

 

NEW!! What is an Antivirus collision in the case of a False Positive, and how can we deal with it?

Antivirus collision is a case where a signature created for one malware file, or a malware family, triggers on a benign file unrelated to original file for which the signature was created. In order to understand it a little better, read the background information and detailed explanation offered in this article.

 

UPDATED!! Difference Between SSL Forward-Proxy and Inbound Inspection Decryption Mode

When configuring SSL decryption policy in order to define SSL traffic eligible for decryption, you have to make a choice between 2 different types/modes:

  • SSL Forward-Proxy
  • SSL Inbound Inspection

Here we learn the difference between the two modes.

 

A reader's comment on the article: Excellent!

Thank you! We're happy it's of help to you!

 

MANAGEMENT

UPDATED!! IPSec VPN IKE Phase 1 is Down but Tunnel is Active

Inside  WebGUI > Network> IPSec Tunnels, the IKE Gateway Status (Phase 1) light is red, whereas the IPSec Tunnel (Phase 2) light is green. However, traffic still continues to flow through the tunnel properly.  After some time, the IKE Gateway Status light returns to green. Is this normal?

 

A comment on this article by JasonAtherton

I actually found the answer online without calling in.  This is great.

Thanks for the article.

 Thanks for your comment, @JasonAtherton! Glad we could help!

 

GET ACTIVE IN COMMUNITY

A FALL QUESTION 

Ask questions and #GetAnswers here in the Live Community, but now we have a question and challenge for you! Responding to either reaps great rewards for you, including a nice accumulation of community badges.

 

What is your favorite Palo Alto Networks feature?

Did it help solve a problem you were facing?

Be sure your story is counted among the best of them -- it will help you on your way to earning more community badges -- or even your first!

 

CAPTURE THE HOODIE!

Reaper's challenge still stands, and that nice, cozy-warm hoodie is yet unclaimed! It could be yours -- easily, too! Show off those hacking skills, or just send us a funny pic (c'mon) or a spoof of your liking and ours. Easy peasy, and it earns you a special badge, fame, recognition and who knows where that may take you|? But, remember, you must play to win!

 

JOIN LIVE ON YOUTUBE

#GetAnswers | YouTube

3610 subscribers (up ~100 from last week!)

279,146 views (up ~10,000 from last week!)

Live Community YouTube channel

 

Ask your questions about our videos here in the Live Community. Make connections. Share knowledge. Learn more.

 

AROUND PALO ALTO NETWORKS

Tweets  

LinkedIn/Facebook/Google+ Posts              

  • 2018 Cybersecurity predictions and recommendations: Cyber hygiene for financial institutions found non-compliant with SWIFT mandatory security controls http://bit.ly/2jv86Ef
  • Palo Alto Networks volunteers spent the day assembling 1,000 special ops teddy bears for U.S. military active duty families. Learn more about Operation Teddy Bear: http://bit.ly/2zFNUpF
  • Learn why ransomware hurts so much and is so hard to stop http://bit.ly/2zMJdYR  

2018 Predictions & Recommendations

Threat

Culture & Diversity

Canon

Partner

Service Provider

Regional

Misc

 

THANKS TO OUR CONTRIBUTORS!

@jdelio@reaper@kiwi @cstancill @Lucky @kwall00 @syadav @jperry1 

 

Till next time--

Gail

@editeur

Ask Questions Get Answers Join the Live Community