performance problem with pa-3050

We have two ISP related DNS servers with each behind a pa-3020.  During peak time we have seen the number of sessions increase to 150K on each pa-3020 so we were concerned that if one DNS server had to take the whole load then the pa-3020 would go ov

Protocol Protection Layer 2 or Vwire

My question would it be important to add protocol protection  in Zone Protection if you are running layer 2 or vwire on you palo alto fiewalll? and if so should it be placed  on untrust or trust or both?

Will IP Region Mapping work with virtual wire?

I have a Virtual wire in production with two zones (external and Internal) Have attempted IP Region blocking with no success. Is it supported with Virtual wire ?

Not all SSL traffic is being decrypted

I configured the firewall to decrypt outbound SSL traffic and installed a local cert I created onto my broswer. When I monitor my port 443 traffic I see some of  it is decrypted and some of it isnt. Is this normal behavior? I thought it was suppose t

Filter Threat logs by profile's name

Hello Community,

customer would search threat logs by profile's name.

It seems on the logs there are no any fields with the name of profile (Anti-Spyware or Anti-Virus or Vulnerability Protection).

Do you know how or if is possible to search it?

Thanks

HP Intelligent Management Center TFTP Server DATA and ERROR Packets Buffer Overflow (35688)

Good Day, everyone needing some help with a threat id number I can not find any information on. 

I am needing to do so research on this threat ID that is showing in the Palo Alto once in a while.  I am wanting to change security profile setting from

Which method of Phishing Credential Prevention?

We are currently using User-ID to map users to IP addresses.  It seems that there are three possible methods of preventing credentials from leaving a site, but I am not clear on which method is best.  What are other folks doing?  One of the methods i

which app and content code Petya ransomeware attack is mitigated

want to know in which app and content release "Petya ransomware" attack is mitigated/protected. What code I should update it on to get the protection from this attack. 

As os now, we are on 698-4026 app and content code. Please suggest.

Malicious objects passing through despite action is drop

Hi guys, I am new to the community and I just have a pair of PA820 go live with WF, TP and URL scan subscriptions.

I notice an inconsistency in the WF performance where most of the malicious objects are blocked but there are a few could sneak in, any

Getting report on unblocked vulnerability attacks?

  I am on PA 8.0.4.  If I go to ACC -Blocked activity, I can see what we are blocking.  Is it possible to generate a report of unblocked threats?  Potential attacks that get through because of policy rules?   It would be nice to generate not just a g

DNSProxy - Resolve-Fail - cpsc.gov

Warning: very new to PANOS.

I'm seeing a TON of these messages, to the tune of about 2-300 per second in my system log: Failed to resolve domain name: cpsc.gov after trying all attempts to name server(s): mynameserverinternalip.

I've read that this d

Flurry of Ramnit Detections

Around 04:00-05:00 yesterday my users triggered a series of ramnit detections which were blocked, but when I looked at the logs  it seems a bit unclear.  The threat logs are reporting that the file postprocess.dll carried the malware, but tying the U

SFTP SCP malware not found and blocked on firewall

i took a test for SFTP/SCP  file transmission. but i can't see anything in our logs.  i knew SSH decryption, i tried. but no use. i dont know how to understand SSH decryption( no threat checking for SSH tunnel), actully i dont have SSH tunnel.

and An