09-24-2013 10:35 PM
Hi All,.
Is Traffic Pattern / behavior based detection is possible in PaloAlto as in the Cisco,.
In Cisco it works as fallows,.if we have enabled traffic sensor for particular time period it will calculate the percentage of traffic based on protocols as shown below
HTTP - 30% FTP - 20% HTTPS- 50% and this information will be used in future traffic analysis, for eg : If HTTP traffic goes above or below the 30% then it send alerts to administrator and same for the FTP (above or below 20% and HTTPS 50%).
Regards,
Gururaj
09-25-2013 12:30 AM
There is no traffic baselining/anomaly detection available in the product at this time. But you could feed traffic logs into splunk and analyse from there.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
