Automation/API Discussions

Current method for requesting Application updates?

Hi there,

   So far, I haven't been able to find the correct method to submit packet captures to Palo Alto Networks for unknown applications. In my case, I'd like to post some captures for updates to the Bloomberg Professional software, but the email

Query Palo Alto Firewall PA-5020 using Firemon

Hi

I am working on integrating Firemon with Palo Alto and need to query the Palo Alto for zones. Here's what I am trying to do.

Problem statement: I want to write a query that would give me the list of firewall rules with ("any" in "Destination zone"

Custom APP-ID for SMTP traffic

I have a request to forward all incoming emails attachments to Wildfire cloud, but not for all users. we need to exclude some users.

I think this can be achieved with custom SMTP application to match destination email address.

How to search for rules with Security Profiles?

I have a pair of Palo Alto firewalls containing 1500+ rules and running PAN-OS 4.1.9. Both firewalls are running in HA and are managed by Panorama. Some of those rules are having Security Profiles configured and the majority doesn't. Is there a way t

Custom APP-ID

I have deployed a new application on our network and found that this application has some communications that take place on TCP-2000. Noramlly this port is used by cisco-sccp. The data that is being passed is not a normal "cisco-sccp" protocal traffi

Deploy custom signature using XML API

I'm trying to deploy custom signatures using the XML API which gives me the following error:

<response status="error" code="12"><msg><line>Object cannot be overridden</line></msg></response>

This was after I was trying to use action=set which gave the

Block - Ask toolbar

Any plan to block "Ask toolbar"?

Regards,

Moorthy

Chromebooks

We are a school district with a growing number of Chromebooks.  We are having problems identifying what student is on the Chromebook.  We have a work around right now (Captive Portal), but it relies on the student shutting down the Chromebook when th

USER-ID Settings: Why is the "User Identification Timeout" a global setting

Hi,

i use a syslog collector to receive ip-user-mappings from an Juniper Secure Access Gateway.

It works quite fine, i created a custom syslog filter on my paloalto and created the correspondig Server Monitor entry for my Juniper Systems.

a simple "show

Unexpected behavior when deleting address-group member using XML API

Hello.

We are using XML API to create or delete address and address-group.

When I deleted address-group member using XML API, address-group member was deleted even if there is another member. (It had just one address member)

As you know, we can't delete

When will the msrdp AppID be udpated for UDP 3389?

Hi:

MS RDP v8.0+ (comes with Windows 8 & Server 2012) uses UDP 3389 for RDP in addition to TCP.  Furthermore, it also tries UDP first (this may be with v8.1 - can't remember).

I know I can workaround it - I just want to know when will the AppID itself

rest API rule modification with Panorama

Hello, and thanks for whatever help you can provide.

I am trying to create a script that will modify one rule from enable to disable and back again via wget. I created a admin user on the panorama box, created a hash based on that user and password. w

App-Id for Oracle PLM / Weblogic

Hi there,

I have a prospect who wants to isolate his critical Oracle PLM / WebLogic application from the rest of the network.

Are these applications recognized by Palo Alto Networks?

If not, what are my options to create rules that only authorize these

Zarafa App-ID

Hi all,

Is there an App-ID for the Open Source Groupware application Zarafa? We got a customer request for this application to be identified by App-ID.

Thanks