Intro to SAML

by on ‎10-05-2017 01:28 AM - last edited on ‎10-17-2017 01:02 AM by (3,533 Views)

Authentication protocols like LDAP, Kerberos and RADIUS have been around since before the dot-com bubble. But there's a not-so-new kid in town, and it's called SAML. Great! But how does it work?

Read more...

QuickTip: Changes in iOS 11 or Mac OS X 10.13 affecting GlobalProtect connections

by ‎09-28-2017 02:26 PM - edited ‎09-28-2017 06:35 PM (3,289 Views)

If you plan on using iOS 11 or macOS X 10.13 to connect with GlobalProtect, then you will want to know about this, as it could save some headaches.

2017-09-28_mac-ios.png

Read more...

New URL Filtering category - Command-and-Control (C2)

by neg273 on ‎09-27-2017 01:14 PM - last edited a month ago by (4,541 Views)

A new category in URL filtering, command-and-control, helps break out specifics from the malware category. Get ready for the debut of this new category coming soon. In the interim, we entertain your questions.

 

Read more...

GlobalProtect Cloud Service Announcement

by ‎09-26-2017 04:14 PM - edited ‎09-26-2017 05:24 PM (2,703 Views)

Have you heard about GlobalProtect Cloud Service yet? If not, then this is the best place to learn all about this great new service from Palo Alto Networks.

gpc.png

Read more...

Get more GUI functionality using Pan(w)achrome!

by ‎09-21-2017 02:53 AM - edited ‎10-09-2017 12:44 AM (6,923 Views)

Pan(w)achrome is a free Google Chrome extension developed to provide some CLI based commands through the GUI.

 

Read more...

Searching through logs, where do I start?

by ‎09-11-2017 05:45 AM - edited ‎10-11-2017 09:21 AM (5,379 Views)

You have hundreds of millions of bytes worth of logfiles, but how can you find that single instance where Greg from finance used some contractor's custom application to connect to his database machine in the DMZ three weeks ago and failed to update his records, and now he has a report due today and you need to fix his connection ASAP?

Read more...

Configure resources per VSYS!

by ‎08-30-2017 06:45 AM - edited ‎09-12-2017 01:58 PM (3,658 Views)

Multiple firewall instances within a single physical Palo Alto Networks firewall.  Be careful that a single VSYS doesn't consume all the device's resources!

Read more...

Virtualization -- what the heck is it?

by on ‎08-22-2017 10:39 AM - last edited on ‎09-16-2017 03:32 AM by (8,066 Views)

Our support engineer and virtualization specialist, Sean McLean, does an excellent job introducing virtualization in a way that's informative, easy to read, fun, and doesn't make you want to shoot yourself in the face. 

Read more...

Panorama configuration log, anyone?

by ‎08-21-2017 06:08 AM - edited ‎08-22-2017 09:25 AM (7,663 Views)

This log displays an entry for each configuration change and is a goldmine of information.  Can't find it? Check out, in this article, why this might be the case.

Read more...

Multi-Factor Authentication (MFA) for Aperture

by on ‎08-17-2017 04:21 PM - last edited on ‎08-18-2017 02:06 AM by (3,304 Views)

To further strengthen your security posture, Aperture will support multi-factor authentication (MFA) for all administrator log-ins starting Thursday, August 24, 2017 at 11:00 p.m. Pacific Time. You will then be able to add an additional layer of security by enabling MFA for all administrators.

Read more...

Video Tutorial: Large Scale VPN (LSVPN)

by ‎08-10-2017 01:09 PM - edited ‎08-14-2017 04:42 PM (3,996 Views)

If you'd like to know more about Large Scale VPN, what it is and how to configure it, then click to watch the Video Tutorial on LSVPN.

 

 

Read more...

Generating Certificates from CSR for Decryption

by on ‎08-10-2017 06:20 AM - last edited 4 weeks ago (4,660 Views)

Learn how to leverage enterprise Public Key Infrastructure (PKI) to generate SSL decryption certificates. Use the firewall to generate a Certificate Signing Request (CSR) and have an AD Certificate Authority (CA) issue a Sub-CA certificate for trusted SSL decryption.

Read more...

How to bypass SSL decryption for an application

by ‎08-09-2017 11:31 AM - edited ‎08-09-2017 11:36 AM (8,555 Views)

Sometimes you need to get creative to make your customers happy. This contribution by a community member drew my attention and could be useful to administrators trying to find a solution to the same question.

Read more...

New Public Cloud Integration Portal

by ‎08-03-2017 12:24 PM - edited ‎08-03-2017 03:11 PM (10,285 Views)

A few recent VM-Series efforts allow Palo Alto Networks customers to more rapidly deploy the VM-Series in both private and public cloud environments. Take a look at what we've done, including case studies, and see how you can contribute.

Read more...

Tutorial: How to enable/disable/clone rules!

by ‎07-17-2017 09:06 AM - edited ‎07-24-2017 12:16 PM (4,758 Views)

Simple yet powerful tools to play with on the Palo Alto Networks Next-Generation Firewall. Check out this tutorial to learn all about disabling/enabling and cloning rules!

 

Read more...

#GetAnswers from Ignite Q&A | kiwi

by ‎07-11-2017 05:29 AM - edited ‎07-27-2017 03:06 PM (5,337 Views)

More posted questions and answers from the booth @Ignite! Topics include Aperture, API, best practices, GlobalProtect, LightCyber, log forwarding, firewall management, MineMeld, Panorama, Traps, User-ID, VPN, and WildFire. Got questions? #GetAnswers here.

Read more...

#GetAnswers from Ignite Q&A | reaper

by ‎07-11-2017 04:39 AM - edited ‎07-27-2017 01:15 PM (13,103 Views)

Ignite brought many different questions posted on the wall of #GetAnswers. We already selected the 'best of' but wanted to share all of them for your information and entertainment. Got questions? #GetAnswers here.

Read more...

#GetAnswers from Ignite Q&A | jdelio

by ‎07-10-2017 03:30 PM - edited ‎07-27-2017 01:12 PM (5,357 Views)

Miss out on the excitement at the Live Community booth at Ignite? Read some of the questions and answers posted in the booth. Topics include configuration and management, GlobalProtect, the Migration Tool, Panorama, SaaS, Traps, User-ID, and VPN. Got questions? #GetAnswers here.

Read more...

New Live Community Features - June 28, 2017

by ‎06-28-2017 02:26 PM - edited ‎06-29-2017 08:10 AM (4,637 Views)

Want to know about all the new features on the Live Community site? Click to see what Joe has to say about new features of the Live Community.

Read more...

Petya cyber attack - what's it all about?

by ‎06-28-2017 12:33 AM - edited ‎07-31-2017 02:57 PM (6,115 Views)

Petrwrap/Petya ransomware. A major ransomware attack brings business to a close throughout Europe, in an
infection reminiscent of the WannaCry attack.

Read more...

Ignite '17 edition, Reaper's favorites Part 2

by ‎06-22-2017 11:16 AM - edited ‎06-22-2017 02:49 PM (3,945 Views)

Part 2 of the questions from the #GetAnswers wall at Ignite: Wildcard search in Traffic Monitor. Pre or post policy with Panorama? Base version when upgrading the firewall, and syncing downloads across an HA pair. App-ID or service/standard ports with traffic? Best method to intro span VLANs. 

Read more...

Ignite '17 edition, Kiwi's favorites Part 1

by ‎06-20-2017 08:17 AM - edited ‎06-21-2017 05:52 AM (4,001 Views)

Questions, directly from Ignite. A few of my personal favorites: What's the recommended naming scheme? Can I change severity of logs? When will WildFire be able to analyse other file types?

Read more...

Ignite '17 edition, Reaper's favorites Part 1

by ‎06-19-2017 04:17 AM - edited ‎06-22-2017 06:59 PM (4,177 Views)

Questions from the #GetAnswers wall at Ignite. A few favorites: What is a User-ID? Why can't we do an object with IP range? How does NAT work with VWire? Best practice for User-ID for Mac OS-X. Can WF-500 private cloud scan the same file types as the public cloud? 

Read more...

Electronic Medical Records are about to get more secure

by ‎06-08-2017 04:38 AM - edited ‎06-09-2017 05:14 AM (2,960 Views)

If you're working in healthcare, Electronic Medical Records, or EMR, then the Epic application may be familiar to you. We're about to make your life easier!

Read more...

What's a TAP interface and what can it do?

by ‎06-07-2017 08:13 AM - edited ‎06-09-2017 04:23 AM (3,819 Views)

Some interface modes are very straightforward while others can be a little more complex. The TAP interface can bring a wealth of information without interference.

Read more...

GlobalProtect IPv6 Troubleshooting Part 2 LSVPN

by ‎06-01-2017 02:43 PM - edited ‎06-10-2017 07:39 AM (3,065 Views)

Joe's Troubleshooting articles on GlobalProtect and IPv6 continue with Part 2 that covers LSVPN and GlobalProtect IPv6.

Read more...

DotW: To disable or not to disable, that is the question.

by ‎05-31-2017 05:12 AM - edited ‎06-02-2017 08:09 AM (3,168 Views)

You may have noticed the option to disable new applications in the scheduled content updates, but why would you want to enable this option?

Read more...

DotW: URL filtering with PAN-OS 8.0

by ‎05-22-2017 03:51 PM - edited ‎05-23-2017 03:30 AM (3,697 Views)

If you are new to PAN-OS 8.0 and have started using URL filtering, consider this a mini FAQ to clarify new features or default settings for PAN-OS 8.0 URL filtering.

Read more...

Pulling reports using the XML API

by ‎05-17-2017 03:20 AM - edited ‎05-17-2017 09:57 AM (11,253 Views)

Scripting makes the admin's task a lot easier, reports tell the admin what's up and how things are going. The logical next step is to retrieve reports using XML API.

Read more...

Palo Alto Networks protects against WanaCrypt0r and other ransomware attacks

by ‎05-16-2017 09:37 AM - edited ‎05-16-2017 02:00 PM (5,412 Views)

Want to know more about the latest WanaCrypt0r ransomware and ways that Palo Alto Networks can help you defend your network from these attacks? Please click to read more.

170x170_wana-292-176.png

Read more...

Ask Questions Get Answers Join the Live Community
Top Liked Posts