Hi
We currently have 100+ Citrix Servers with more being added or removed every week. The TS-Agent is installed as part of the default Citrix Server build but it would be nice to have a slicker process to add new servers into the Panorama config. Pres
...
Hi DevCenter Community,
My customer had requirement to control News Feed on Facebook. Have tried myself but couldn’t verify which fields + conditions to be used to make this work.
1- Block content from appearing on Facebook News Feed: customer need to
...
Greetings,
I am still pretty new to the Palo Alto product line and was hoping I can enlist the help of the community to get some feedback and possible use case scenarios for using the VM based firewall. I am currently working on a few new branch offic
...
Hi,
created a custom signature to block uploading edrawing files (Solidworks: .easm and . edrw), but I cannot define client2server or server2client. I like to block only uploads but PA is blocking both... could you please take a look?
both (NOT one of
...
Hi AppDev team,
After speaking with support (case# 00241826) we would like advice on the socks dependency for Citrix. We would like to avoid opening up socks if all possible due to the vulnerability it represents.
The TSE suggested the AppDev team woul
...
I've looked through the documentation and cannot seem to find a "begins with" regex variable. The common symbol ^ seems to be reserved in PA for match any except. Is there a solution or is this not available?
I'm trying to download application-pcap files using panxapi (not just file listings), but am not able to get it to work right.
My end goal is to specify a folder and have it download every .pcap in that folder.
Running panxapi like this just gives me a
...
Hi devcenter
I've been reading the document on Application DDoS mitigation techniques using vulnerability signatures ( Application DDoS Mitigation ). I've been experimenting with the concept of "session limiting" bittorrent connections in this manner.
...
Hi,
Our customer asked to create a custom signature to prevent some brute force attacks.
We combined threat ID 34556 and 31708 ("HTTP WWW-Authentication Failed" and "HTTP Unauthorized Error") so that if they both occur more that 10 times within 60 se
...
Sorry to cross post this - I was directed to the DEVCENTRE as a more likely setting to find an answer to this.
I'm trying to stem the flood of wordpress brute force attacks coming INTO our network (we are a web host, so host thousands of WP sites).
De
...
Has anyone here dealt with Googles hangout app for mobile devices going through the firewall. The customer wants to allow hangout chat but not file-transfer or video calling. The apps sees it as google-talk and under it is gtalk-voice, google-talk-ba
...
Hello,
My customer made vulnerability signature in FW. But FW doesn't detect this signature.
Customer Vulnerability Signature
context : http-req-message-body
pattern : eval\(gzinflate\(str_rot13\(base64_decode
I am searching this but I don't know.
So I nee
...
Hi,
How can I get the current bitrate of a logical interface at the time its queried via the API or CLI?
I've tried 'show interface tunnel.x' but that shows be the overall counters for that interface.
I know it can be done as Pan(w)achrome displays that
...
Hi, can someone help me with creating a non interactive script which logs in to the device and pulls configuration.
I tried this, but it hangs after passing the password.
ssh <username>@<firewall_name> "show config running"
It runs fine when doing it in
...
Hello,
I'm trying to write a custom smb signature to restrict access to certain shares. It's based on Custom App-ID for a specific SMB share
My share pattern is '\\america\credit'. Unfortunately, it didn't work for me and I opened a support case. But t
...
