Slow download over decrypted TLS sessions?

I've noticed that downloads that occur over decrypted TLS sessions are incredibly slow since upgrading my PA-3050s to PAN-OS 6.1.x (now on version 6.1.12).  Sometimes they don't even complete at all, either failing or just sitting forever.  For examp

Brightcloud connection error

I have a PA-500 that is receiving the error of:

opaque: Failed to connect to Brightcloud update server service.brightcloud.com, initiated by 192.168.75.30

eventid: connection-failure

There seems to be no connectivity issues to URLs for the users. Just

Automate GlobalProtect VPN connection

Hi All,

We are trying to automate connections using the GlobalProtect VPN with a batch script. There's a way to accomplish it?

I've tried to use the PanGPA.exe in "C:\Program Files\Palo Alto Networks\GlobalProtect\" without success.

Any kind of hel

DNS-proxy BUG 7.1.2 using capital letters

Just wanted to put it out there.

I upgraded to 7.1.2 yesterday and a lot of my static dns entries stopped working. after some playing around i figered out that it was because i was using capital letters in my entries. I changed them to lowercase and e

Whats PAN's future for TLS decrypt with many sites now moving to Diffie-Hellman based ciphers ONLY?

Does PAN have any plan for better managing the current state of TLS decryption now that Diffie-Hellman based ciphers are becoming the default standard?

PAN currently only supports the below ciphers, and when presented with a website that ONLY support

Application override with custom application and threat detection

I want to build a custom application with application override and still be able to scan for threats.
On the website of Palo Alto, there is this text:

If you define an application override, the firewall stops processing at Layer-4. The custom applic

PA identifying traffic from AKAMAI as BruteForce.

Hi guys,

Context: For the past 24 hours we've had constant reports of a Brute force attack on our servers originating from the Akamai CDN's.

I'm unsure whether this is simply a false positive, or if there something to actually worry about.

I've

Panorama not generating summary logs

Hi,

I have an unlicensed Panorama (for the sake of testing) to aggregate logs from the Palo Alto. I've set up log forwarding on the firewall, Panorama is receiving logs and detailed traffic is showing up properly, but there are no summary logs genera

CVE-2004-2761 and CVE-2008-5161 vulnerability applicable to PAN 7.0.3

Hi all,

Hope everyone doing great.

I have a Palo alto firewall running in 7.0.3 version. Recently there was an audit happened and submitted some vulnerabilities found in our firewall. I am very curious to know that whether captioned vulnerability