Anyone using save/load filter optins under Monitor tab?

Out of curiosity is anyone using Save Filter and Load Filter options under Monitor tab and find them user friendly?

I have mentioned to Palo representatives few times that filter field should have droppdown history like browser address bars have but t

DHCP Discard session

Scenario is we have ISP connected to Outside zone.

DHCP server on Inside Zone.

On Each satellite we have DHCP relay configured to readh DHCP server.

Whenever there is any issue with Power at location where interface connected to inside zone goes down.

Tr

Mac book throws untrust certificate after user identification timeout.

Mac book throws untrust certificate after user identification timeout.

MAC Book unable to operate with Kerberos authentication. If working, provide configuration details.

MAC Book unable to operate with Kerberos authentication. If working, provide configuration details.

Is it possible deny the user access web site by proxy???

The scenario is just allow user access system directly, deny all if using forward or reverse proxy such as nginx、apache2、liqud and so so??

What should i set? Application or other else?

URL Filtering by IP

Hello,

We would like to report on web browsing based on the IP off the user's computer, not username (or Identity). Can someone offer a guide, or point me in the right direction? Thank you.

New Pan OS 8.0 Release date

Hi,

Palo Alto Engineer said clientless VPN will release with new PAN OS 8.0 in near future. I just wanted to know what is the exact release date for new PAN OS?

Thanks,

Lakshitha.

Sequence number Randomization.

Hi Guys, 

ASA has a feature where it randomize TCP Sequence numbers to prevent hijack session. 

Does palo alto has any similar feature. 

Sorry to compare the products here. My intention is to configure similare setting in firewall. 

Regards, 

Current SSL Certificate best practices?

Greetings all,

We're getting close (hopefully) to rolling out our PAN boxes and I'm working on getting together information to pass up the chain on features like SSL Decryption and SSL certificate security.

I've got a few questions concerning best pr

IPSEC VPN support for both side as Dynamic, Supported on Juniper but not on PA

Hi There,

I was migrating configuration from Juniper to PA, everything worked as expected except IPSEC VPN.

Customer has two sites and both sites have ADSL connection with Dynamic IP address, however on one end Dyn DNS is used. In the below example S

How to block windows 10 store

Can I block access to windows 10 store by policy?

User to group maping for xml-api user who provided no domain string

Hello,

i need to map user to ldap group. For desktops there is no problem, mappings goes well. But if some user connects via smartphone and didn't provide DOMAIN\  then problem occur. Is there any way to achieve this goal ?

Typing DOMAIN\ on mobile key