Hello, I wouldlike to enable ECMP on one HA pair. I read that the process will restart and can lead to trafic disuptions. I was wondering if i could do the following in order to avoid disruptions : Disable config sync. Doing the modification on my passive firewall. Wait that the process restart etc. Force HA failover on the standby member with...
I am working on a Cortex XDR Device Control configuration and I need to allow a specific mobile device only for file transfer from the endpoint to the device, but I do not want to allow any data transfer from the mobile device back to the endpoint. However, I noticed that the device is detected as a CD-ROM device type in Cortex XDR (1.ss). When ...
Hi.My license expires today.I got a new one, but it's for one month, not a year. Why wasn't my license renewed for a year?
We are considering using snapshots as a method for restoring Panorama VMs running on Azure. Is it necessary to stop the Panorama VM when taking a snapshot? Referring to the following knowledge base article, it appears that restoration via snapshots is not recommended in the first place. https://knowledgebase.paloaltonetworks.com/KCSArticleDeta...
Hi all, dont know if the right board. I'm trying to lodge a case with PAN support, but they are wanting a TCF file. The problem is that the device in question is in a broken state. We took the device out of the box, attempted to disable ZTP; the device rebooted, and never finished "rebooting". It got stuck in a boot loop, and eventually corrupte...
Hi everyone, I’m currently having trouble downloading PAN-OS from the Palo Alto Networks website. In about 2–3 months, I’ll be starting a role as a Network Administrator in a small company where Palo Alto firewalls are already in use. To prepare myself properly, I want to build a virtual lab and practice in advance — configuring interfaces, zone...
FileHash: 40492666ce1ec89434b08bafb2db256b1e84887453c593597707a8adcc42e4f8Link to VirusTotal report:https://www.virustotal.com/gui/file/da7e3524a2b26f47bdc221c4c9197c6a6fdda636fd93b398689900126ad38627VirusTotal Detection: Generic.mlZip password: infected Thank you.
Hi All, PAN-OS10.2.13-h5 SilverFort compatibility with Panorama VM-Series.When Panorama administrator login via LDAP authentication profile is tied to Silverfort, there seems to be an issue with access.After removing Silverfort authentication seems to be ok, please advise if there are any compatibility issues known for these 2 devices. Kin...
Hey everyone, Here are my articles about creating Palo Alto signatures that anyone in the community could find useful: How to Write Palo Alto Networks Custom Vulnerability and Application Signatures with Examples LIVEcommunity - Rate-Limiting File Uploads with Palo Alto Networks Custom Signatures - LIVEcommunity - 1239571 LIVEcommunity -...
Hello Livecomm, I am working on the XSIAM platform and I want to provide a default layout for cases that are manually opened. The classic fields that contain this info such as _product and tags cannot be filtered on. Does anyone have a solution for this? Many thanks, MSysec Cortex XSIAM
How are people policing logins to Chatgpt for enterprise only logins?https://help.zscaler.com/zia/adding-tenant-profilesZscaler does it. Palo does it for microsoft.....How are people doing this with decryption and Palos native app id, NOT the ACE subscription?Is this possible?
In the last couple of days we've been getting reports from multiple users that they are being blocked from downloading .xlsx files from a cloud service. I can see that there are multiple entries in the Data Filtering log for each file, and then final one is showing a Threat ID of BIN file and being denied. Anyone seen anything similar?
We have created Security Policy with following criteria Source: User Destination Address : Any, URL Category: Worldwide URL, Tenant Restriction: Dropbox, Application: Any, Service: Application Default, and Action: Allow In This Scenario Any Traffic, Worldwide URL and Dropbox will be allowed or how it is?
Running show system resources, I see multiple instances of a process called 'touch' showing in a zombie state. I haven't been able to find anything about this process or what it does. Does anyone have any information on this? bmax@fw-ab-a(active)> show system resources top - 10:19:01 up 289 days, 14:35, 1 user, load average: 1.08, 0.84, 0....
I’m confused because there seems to be a contradiction in the documentation regarding the choice of AWS instance type for deploying a VM-300 using NGFW Software Credits.Could you clarify which AWS instance type meets the requirements for running VM-300? ■VM-Series Performance & Capacity on Public Clouds – VM-Series on Amazon Web Services Per...
