Best Practice Assessment Discussions

Threads in this discussion area are read-only. If you have a question about BPA/BPA+ tools please visit our AIOps for NGFW discussions.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Best Practice Assessment Discussions

Threads in this discussion area are read-only. If you have a question about BPA/BPA+ tools please visit our AIOps for NGFW discussions.

About Best Practice Assessment Discussions

Threads in this discussion area are read-only. If you have a question about BPA/BPA+ tools please visit our AIOps for NGFW discussions.

Discussions

Resolved! BPA| Policies > Authentication Rules

Hi guys.

From the autentication section, I got a non-compliant for "Services Include http and https (Fail)" but as a recommendation at says

"Services not set to any". What I don't get it is why the BP Check is for http/https but as a solution it requ
...

Resolved! physical cabling for HA Active/Active

we have 2 new 5410 that I'm trying to set up for active/active. we have 2 ISPs a single physical content filter and a single core switch. I know there will be some fail point with the single core and content filter. my question is so i need to wire m

...

branedge by L2 Linker
  • 1557 Views
  • 1 replies
  • 0 Likes

Resolved! Upgrade Path 10.0.10 to 10.1.6-h6 !!

I see i'm on an unsupported version of PAN OS.  I'd like to upgrade but I'm stumped on the upgrade path.  10.0 is EOL so it doesnt list a preferred release.  Can I move to 10.1 immedietly?  Also, 10.1 version lists 10.1.5 as the first version on the

...

danoman2 by L3 Networker
  • 5333 Views
  • 8 replies
  • 0 Likes

Rectifying Vulnerabilities

Issue: 

 

PNHB has performed penetration tests (PENTEST) for all our firewalls. For Palo Alto PA-820, attached herewith vulnerabilities list for your team to help us to rectify.

2. Can you please clarify me on this reports generated is only the BPA s

...

Resolved! DHCP relay

Dear all,

I am looking for a solution in applying DHCP relay on Palo Alto FW.

problem Description

there are many sub-interfaces and one DHCP server. in this case, do I need to add(network->DHCP->DHCP Relay)

each subinterface with the DNCP server.

try

...

Shadow by L2 Linker
  • 2444 Views
  • 2 replies
  • 0 Likes

API-calls and PA-5220

Hello!
First time posting here so please forgive me for any fouls.

My question is if anyone has had any experience with how many API-calls a PA-5220 could handle, more specifically the "troubleshooting" via ansible-playbooks.

Running a playbook with abo

...

vdahlman by L0 Member
  • 1101 Views
  • 1 replies
  • 0 Likes

Resolved! Paloalto cannot resolve specific FQDN through Nslookup & "fqdn refresh" is not working on CLI console

Hello all,

Our client company uses FQDN A and B that Nslookup the same IP, and the firewall has a DNS access policy applied with these FQDN.

 

Recently, the customer deleted the DNS of B, and if it is normal operation, it should be normal service with

...