Your Questions Get Answers

Announcements

ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

L7 Applicator

Each year, after Ignite, we have a whole bunch of great questions, a handful of strange ones and usually a few unanswered ones. We feel that we owe it to the community to get as close as we can to a 100 percent reply rate, so here's a few unanswered ones and my attempt at answering to the best of my ability.

unanswered Ignite19 questions.png

 

1. Is there going to be API support to connect to LIVE so that my team can directly respond?

(answer) Not at this time but we love the enthousiasm! If you feel like this is something we should put on our radar, please reach out to us and we'll work on a feature request to see what we can do to make such a thing happen. 

 

2. What is the supported 9.0 code for HA support in Azure?

(answer) That would be 9.0.0 : Support for high-availability on vm-series azure

 

3. What is the best IAM Integration for User-ID?

(answer) The 'best' Identity&Access Management framework is the one you are most comfortable working with. There are several ways to integrate with any IAM and some may come with challenges. You'll be much quicker at tackling those challenges when you're acquainted with the IAM rather than one I suggested that you have never worked with. If you have no experience, I recommend getting in touch with a technology partner that can assist, or talking to peers (hint: the discussion forum is a great place to do that).

 

4. Where do I find platform updates? How will I know about new ones?

(answer) This depends on what your concept of platform is exactly. Generally, ofcourse, I would recommend subscribing to the LIVECommunity blog posts to stay tuned on all the new stuff happening: https://live.paloaltonetworks.com/t5/Blogs/bg-p/CommunityBlog.

Also, the Support portal subscriptions keep you posted on content and software updates and security advisories: https://support.paloaltonetworks.com/SupportAccount/Preferences.

There's also Unit42 and more: https://start.paloaltonetworks.com/preference-center.

 

5. How does Palo Alto (Networks) work with OpenShift and Azure hosting?

(answer)  Openshift is a container application platform based on top of Docker containers and kubernetes container cluster manager (whew that's a mouth full). I'm not very well versed in this regard, but I'd say: stay tuned for Twistlock.

 

6. Why aren't VLAN tags a template variable?

(answer) There's a feature request for that. Reach out to your local sales team to add your vote: FR ID: 11021.

 

7. Threat profile debug in less than 12 hours? Maybe! 72 hours now?

(answer) I'm honestly not sure what the question is in regards to. If you posted this question, or know who did, please feel free to reach out, so we can see about resolving your issue or clarifying some things.

 

8. What are the compatible asset databases supported by your product?

(answer) If this is a question regarding the Unity API editor, AssedDatabases are not supported.

You can browse through the availanble XML API commands via https://<YourFirewall-IP>/api or read the REST API documentation via https://<YourFirewall-IP>/restapi-doc/#.

 

You can check the previous batch of unanswered questions here: Many Questions Were Answered at Ignite 2019...

2,555 Views
Comments
L1 Bithead

We have several IPSec tunnels that connect to 4G devices to provide network access in the event of a primary circuit outage. These tunnels do not disconnect after the primary circuit comes back up. Is there a way on the PAN side to disconnect an IPSec tunnel if there has been no traffic on it in a given amount of time?

1,222 Views
Community Team Member

@snimshad 

We have Tunnel Monitoring when it comes to IPSEC tunnels. They can monitor tunnels to wait recover or fail over.. 

here are some articles and info on that:

 

DEAD PEER DETECTION AND TUNNEL MONITORING
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFaCAK

 

Setting up tunnel monitoring

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/vpns/set-up-site-to-site-vpn/set-up-tunnel...

 

I hope this can help.

1,192 Views
Labels