Community Blog

Announcements
Customer Notice: Panorama Certificate Expiration on June 16 2017.  Read More >

Thanks to everyone who participated in ‘Starting with Palo Alto Networks — What I wish I had known.’ Discussion responses range from the firewall to Panorama and back again. We appreciate all you shared and all we learned, which speaks highly of your positive engagement and support for the community and each other. We thank you. Check out a few highlights from the discussion and a response to a common question about how the Live Community differs from Fuel User Group.

Read more...

Setting up an IPSec VPN Tunnel

by Tuesday - last edited Tuesday (150 Views)

A VPN allows you to create a secured network connection over a traditional network by encrypting all communication between two hosts.  Let's take a look at how to set up a site-to-site tunnel that uses strong IPSec encryption!

Read more...

DotW: URL filtering with PAN-OS 8.0

by Monday - last edited Tuesday (177 Views)

If you are new to PAN-OS 8.0 and have started using URL filtering, consider this a mini FAQ to clarify new features or default settings for PAN-OS 8.0 URL filtering.

Read more...

LiveWeek 19 May 2017

by Thursday - last edited Friday (407 Views)

WanaCrypt0r ransomware and ways that Palo Alto Networks can help you defend your network. Are you using custom applications that require greater overhead? Do you need to improve performance for IPSec traffic? TCP MSS adjustment might be just what you need. Clear commit queues and stop a running commit on PAN-OS 7.1 and later. Check this: Step 1. Scripting. Step 2. Retrieving reports using the XML API. Step 3. Learn how. The Live Community has a brand new look, just for you. Slide on through and tell us what you think.

Read more...

Pulling reports using the XML API

by a week ago - last edited a week ago (421 Views)

Scripting makes the admin's task a lot easier, reports tell the admin what's up and how things are going. The logical next step is to retrieve reports using XML API.

Read more...

Want to know more about the latest WanaCrypt0r ransomware and ways that Palo Alto Networks can help you defend your network from these attacks? Please click to read more.

170x170_wana-292-176.png

Read more...

TCP MSS adjustments

by a week ago - last edited a week ago (212 Views)

Are you using custom applications that require greater overhead or do you need to improve performance for IPSec traffic? TCP MSS adjustment might be just what you need!

Read more...

LiveWeek 12 May 2017

by a week ago - last edited a week ago (326 Views)

A high load on the management CPU -- how to deal. T is for troubleshooting GlobalProtect IPv6. OTP 2FA OMG, but we speak Geek and GlobalProtect. Accessing the User-ID agent or AD on a different interface. The experts speak at Ignite. Be there, sporting your Live Community t-shirt (see how to get one). Tech Docs tells all about Aperture, including SAML support, Traps, PAN-OS, and VM-Series on Azure Government Cloud. All here in your Live Community.

Read more...

Accessing the User-ID agent or AD on a different interface?

by 2 weeks ago - last edited a week ago (205 Views)

You want to fetch user information for the clientless User-ID or the installed User-ID agent, but your management interface is Out Of Band, now what?

Read more...

OTP 2FA OMG

by 2 weeks ago - last edited a week ago (223 Views)

One Time Password (OTP) based Two-Factor Authentication (2FA) really sounds like a mouthful (of acronym OMG RTFM), but in today's security landscape, steps need to be taken to make remote connections more secure.

Read more...

Tips & Tricks: GlobalProtect IPv6 Troubleshooting (T is for...)

by 2 weeks ago - last edited 2 weeks ago (210 Views)

This week's Tips & Tricks is all about GlobalProtect IPv6 Troubleshooting.

Read more...

LiveWeek 05 May 2017

by 2 weeks ago - last edited a week ago (410 Views)

Whassup with applications and services in the security policy? Is there a difference and should you be worried about how each is implemented? All about the new Panorama 8.0 and the logs and log collector upgrades required after upgrading -- let's clear up any confusion. Joe's tasty alphabet soup cooks up D for Duo (with MFA thrown in) and A for Azure to PAN VPN. Our support engineer creates a workflow and troubleshooting checklist for policy enforcements. Remember June 16 for Panorama certificate expiration. Be sure you're all signed up for the next LiveWire newsletter, follow and retweet at Twitter, and catch the latest on our YouTube channel.

Read more...

High Loads on Management CPU

by 2 weeks ago - last edited a week ago (569 Views)

Seeing a high load on management CPU is not entirely uncommon. Certain processes can cause a spike in CPU.  Still feeling uncomfortable with these spikes? Then there are a few tips and tricks to help reduce the load.

Read more...

What's a service anyway?

by 3 weeks ago - last edited 2 weeks ago (685 Views)

What's the deal with applications and services in the security policy? Is there a difference and should you be worried about how both are implemented?

Read more...

Tutorial: Clearing Commits

by 3 weeks ago - last edited a week ago (143 Views)

This tutorial explains how you can clear commit queues on PAN-OS 7.1  and later versions.  It also discusses how you can stop a running commit!

Read more...

Upgrade Panorama logs to PAN-OS 8.0 (FAQ)

by 3 weeks ago - last edited 2 weeks ago (643 Views)

Lots of discussions on the Live Community ask about the new Panorama 8.0 and the logs and log collector upgrades needed after upgrading. There is some confusion about the upgrades. I answer these questions in this blog.

Read more...

LiveWeek 28 Apr 2017

by 4 weeks ago - last edited a week ago (684 Views)

Fighting vs filtering it out, and a robust recommendation for application filtering. Check out Duo MFA (multi-factor authentication) for trusted access with SSO. Secure the citadel and protect against Shamoon2 and a variant of the IoT/Linux botnet, Tsunami, which we named Amnesia. April LiveWire has arrived! Globetrot with us in 'low cost' digs just in time for Ignite. Discussions, tips & tricks, videos and more. All here in your Live Community.

Read more...

Tutorial: GlobalProtect Client Certificate Authentication (C is for...)

by a month ago - last edited a week ago (252 Views)

Do you use GlobalProtect? Do you want to set up Client Certificate Authentication? 

If so, then you are in luck.  With the latest Video Tutorial, you will see what is needed to get this up and running.

Read more...

Cert Configurations for GlobalProtect

by a month ago - last edited 2 weeks ago (225 Views)

Ever wondered what solution is best for you ? Do you get lost on all the different certificate options you have in GlobalProtect ? Check out this article which explains all the different certificate options in a nutshell!

Read more...

What are the recommended applications for internet access?

by a month ago - last edited 2 weeks ago (446 Views)

Last week I was asked by several people what the recommended applications are to allow out to the internet, check out how I solved their conundrum.

Read more...

Fight ... errr ... Filter it out!

by a month ago - last edited 2 weeks ago (412 Views)

Ever felt like you’re missing out on something super nifty but can’t put your finger on it ? Check out this blog to see if you missed something!

Read more...

Announcing the Live Community Sentinel Program

by Community Manager on ‎04-21-2017 01:32 PM - last edited 2 weeks ago by (583 Views)

It is time to recognize our users!  The Live Community team is very excited to announce the roll out of the Live Community Sentinel program to recognize and reward our most valuable contributors.

Read more...

Video Tutorial: Duo Multi Factor Authentication (MFA) (D is for...)

by on ‎04-20-2017 12:31 PM - last edited 2 weeks ago (1,783 Views)

This video tutorial shows how to integrate Duo multi-factor authentication to the Palo Alto Networks v8.0+ firewall in an authentication policy for the purposes of Captive Portal or an authentication step-up.

Read more...

Live Community team at Spark User Summit London

by on ‎04-19-2017 03:32 PM - last edited 2 weeks ago (440 Views)

The Live Community team presented a small segment on best practices at the Spark User Summit event in London. Fnd a link to all the source materials, additional information, tutorial videos and more!

Read more...

Inter VSYS NAT and how to hide Subnets

by on ‎04-13-2017 06:31 AM - last edited 2 weeks ago (661 Views)

Reaper discusses how in some scenarios you may need to split off segments of your network into different VSYS, but still be able to have the segments communicate with each other, but requiring NAT to hide the original IP subnets.

Read more...

Tips & Tricks: How to configure GlobalProtect and IPv6

by on ‎04-11-2017 02:24 PM - last edited 2 weeks ago (510 Views)

If you have been wanting to know how to configure GlobalProtect and IPv6, then you will want to read this.

gp-IPv6.png

Read more...

FYI: Panorama Certificate Expiration! June 16, 2017

by on ‎04-10-2017 02:23 PM - last edited 2 weeks ago (3,361 Views)

Just in case you have not seen the "Customer Notice" at the top of the screen, I wanted to bring your attention to the fact that the certificate Panorama uses to communicate to PAN-OS devices is going to expire!

pan-warning.jpg

Read more...

LiveWeek 12:2017

by Community Manager on ‎04-07-2017 01:26 PM - last edited 2 weeks ago by (548 Views)

50 top reports to get visibility in the network, The NAT saga continues, How to prevent SSH Tunneling while allowing normal SSH sessions, Protect against Shamoon 2, Share your story and win a t-shirt!

Read more...

Tutorial: SSH Decryption

by on ‎04-06-2017 01:46 PM - last edited 2 weeks ago by (847 Views)

If you have ever wondered how to set up SSH Decryption, then you are in luck, as we have just published a Video Tutorial on this.

Read more...

New IoT/Linux Malware Targets DVRs, Forms Botnet

by on ‎04-06-2017 01:45 AM - last edited 2 weeks ago (416 Views)

Unit 42 identifies a variant of the IoT/Linux botnet "Tsunami". Read about how the "Amnesia" malware is delivered and distributed within the targeted network.

Read more...

Register now
Ask Questions Get Answers Join the Live Community