I have deployed a new application on our network and found that this application has some communications that take place on TCP-2000. Noramlly this port is used by cisco-sccp. The data that is being passed is not a normal "cisco-sccp" protocal traffi
...
I'm trying to deploy custom signatures using the XML API which gives me the following error:
<response status="error" code="12"><msg><line>Object cannot be overridden</line></msg></response>
This was after I was trying to use action=set which gave the
...
I have created several custom vulnerability signatures so I am familiar with the general process. I want to create a custom vuln signature based on a string but I also want to add a time signature to time attribute to that signature since it will tr
...
We are a school district with a growing number of Chromebooks. We are having problems identifying what student is on the Chromebook. We have a work around right now (Captive Portal), but it relies on the student shutting down the Chromebook when th
...
Hi,
i use a syslog collector to receive ip-user-mappings from an Juniper Secure Access Gateway.
It works quite fine, i created a custom syslog filter on my paloalto and created the correspondig Server Monitor entry for my Juniper Systems.
a simple "show
...
Hello.
We are using XML API to create or delete address and address-group.
When I deleted address-group member using XML API, address-group member was deleted even if there is another member. (It had just one address member)
As you know, we can't delete
...
Hi:
MS RDP v8.0+ (comes with Windows 8 & Server 2012) uses UDP 3389 for RDP in addition to TCP. Furthermore, it also tries UDP first (this may be with v8.1 - can't remember).
I know I can workaround it - I just want to know when will the AppID itself
...
Hello, and thanks for whatever help you can provide.
I am trying to create a script that will modify one rule from enable to disable and back again via wget. I created a admin user on the panorama box, created a hash based on that user and password. w
...
Hi there,
I have a prospect who wants to isolate his critical Oracle PLM / WebLogic application from the rest of the network.
Are these applications recognized by Palo Alto Networks?
If not, what are my options to create rules that only authorize these
...
Hi all,
Is there an App-ID for the Open Source Groupware application Zarafa? We got a customer request for this application to be identified by App-ID.
Thanks
We are having an issue with our PA-3020 and doing a partial
commit via the XML API.
I am trying to do a partial commit of only the Policies and
Objects. When I initiate the commit from the XML API it appears to queue up
successfully, and according to th
Hello,
One of our customer has a question whether it is possible to get all spyware IDs using API?
They can get all Threat IDs with API as described in „XML-API-5.0-revC.pdf“ page 5:
Lower marking shows that all available xpaths are shown though API bro
...
Hi,
I run a HA-cluster of PA-5020 PAN OS 5.0.10
I've just noticed that since I've upgraded from 5.0.8 to 5.0.10 a specific traffic was identified as web-browsing instead of as before SSL.
It seems that traffic identified as web-browsing over port TCP 44
...
Hi all,
as far as I know this is not possible right now. Or maybe Im wrong?
The possibility to use wildcards (and an idea of tokens) is not enaugh in my opinion.
Are there any plans to implement it? It would be great if I could create custom category u
...
