Bring the fight to the edge. In an OT environment, defense is about time, and the edge is where you still have it. Joint research by Palo Alto Networks, Siemens, and the Idaho National Laboratory (INL) analyzed global telemetry from over 61,000 firewalls deployed in OT environments, alongside 20 years of historical incident data. The analysis ...
In today's complex threat landscape, a single layer of security is no longer sufficient. Attackers leverage multi-stage, evasive techniques to bypass traditional defenses. Palo Alto Networks addresses this challenge by integrating best-of-breed security services to provide a layered, defense-in-depth architecture. This article explores the pow...
In today's digital landscape, modern collaboration tools like WhatsApp Web are essential for business-to-consumer (B2C) communication. While they offer incredible speed, they also introduce a critical security challenge: how do you prevent sensitive data exfiltration through applications that use end-to-end encryption? This encryption creates a ...
Introduction: The AI-First Workplace In just three short years, Generative AI has transitioned from a viral curiosity to the fundamental operating system of the modern professional. As we enter 2026, the numbers paint a staggering picture of this shift: over 1.5 billion people now interact with standalone AI platforms monthly, and in the corpo...
We all know ChatGPT can write code and articles, but can it automate the specialized task of threat mitigation? We set out to test the capabilities of AI by asking it to generate a Palo Alto Networks custom signature. Before diving into the experiment, let's establish some foundational context on the technology that drives these platforms. C...
I have made this article to show how to rate limit the file upload HTTP requests on the file upload URL for a source IP address Before you begin, I recommend reviewing my article on How to Write Palo Alto Networks Custom Vulnerability and Application Signatures with Examples. That article provides a foundation for this topic by demonstrating...
Hello everyone, I wanted to share some knowledge I've gained about investigating common Layer 1 to Layer 4 issues, such as MTU mismatches and DoS attacks, using key Palo Alto Networks firewall features like Global Counters, Flow Debug, and packet captures. The first steps in troubleshooting these issues are always to check your routing, run ...
This Nominated Discussion Article is based on the post "Configure Split tunneling by domain" by @BigPalo and responded to by @Raido_Rattameister and @BPry Read on to see the discussion and solution! Hi, I just configured split tunneling by domain using this domain test: *.portal.microsoft.com (port 443) But i can not see this traffic going ...
Written by Alex Laulhe. With special thanks to Anupam S. & Amogh G. for their contributions. This guide is designed to help firewall admins effectively understand flood attack prevention and troubleshoot flooding incidents detected by Palo Alto Networks firewalls. Whether the event is triggered by packet buffer protection (PBP), Zone Pro...
This article is inspired from Tips & Tricks: Flow Basic Debugging written by @kiwi and I recommend reading that article first before reading this one. Palo Alto Networks NGFWs use App-ID to detect the exact application inside a traffic stream but sometimes traffic will be first classified for example as App-ID "SSL" and after the decrypti...
What is Selective Push? Selective Push on Panorama lets you deploy specific configuration to your firewalls instead of pushing everything all at once. Terminology Push Scope: The final admin view of committed changes with an option to select the changes that will be pushed to the selected target firewalls. Config Audit Window: This window is ...
Most days, BGP runs quietly in the background. BGP advertises routes that keep your WAN, VPN, cloud environments, and public services connected and reachable. Until it doesn’t. And when BGP breaks, it’s not just a routing issue, it’s unreachable services and frustrated users. This guide will help you troubleshoot BGP on Palo Alto Networks fire...
This document outlines the various system modes available for Palo Alto Networks Panorama and provides guidance on transitioning between them. Panorama offers flexibility with its different modes: Panorama, Management-Only, and Logger. Reasons for changing system modes might include optimizing resource allocation by separating log collection a...
Palo Alto Networks 7-byte Custom Signature Minimum Removed in Newer Versions and Why it Matters! In the newer versions after 9.1, Palo Alto Networks now does not have 7-byte minimum length limit and is really useful, as an example, to make a signature that will block traffic to a web page if too many times the login parameter "user" is seen in...
Palo Alto Networks NAT Session Distribution as a Way to Implement Server Load Balancing The Palo Alto Network Destination NAT Session Distribution can be used to implement similar to Load Balancer functionality by using one of the "distribution" methods. You need to allow the traffic with a with a security policy rule from the correct sour...
