Wildfire: different level of severity for the same file
Hi I don't understand why the same file has different level of severity in wildfire.Could you explain me? thank you very much. best regards.
Hi I don't understand why the same file has different level of severity in wildfire.Could you explain me? thank you very much. best regards.
Hello community, Do you know what kind of protocol use PA to your HA, VRRP, CARP.. ? Best RegardsAndres Padilla
I have a lab setup with two palo alto firewalls (PA-200). I am running it with the code it came with the device (PAN OS 5.0.6).I configured User-ID as per the guidelines on this link (https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-Agentless-User-ID/ta-p/62122). However, i was unable to get it work. So i followed thi...
FYI It doesn't appear to require an attack to be an IP address bound to the PA. It also appears that testing a remote firewall while egressing through a PA firewall causes your local firewall to experience DOS effects. It is not just inbound to an IP address of a PA's interface or NAT to that interface. I did an hping3 of type 3 to a remote PA-3...
Hi,I've recently had a client who's PAN appliance failed to pick up a Zero-Day piece of malware that found it's way into their network via email.We have wildfire configured correctly and it transpires they are using opportunistic TLS on their mail relay, the spammer had send the infected attachement using TLS so the Palo Alto had no hope of actu...
When using show routing resource command. Why is there a overlimit value when we are under the 2500 limit count LOBAL ROUTING RESOURCE USAGE:==========All Routes (total): 1088 (limit 2500)All IPv4 Routes (total): 1088 (limit 2500) (overlimit counts 393372562)All IPv6 Routes (total):
http://www.netresec.com/?page=Blog&month=2016-11&post=BlackNurse-Denial-of-Service-AttackHas anyone here tested the effect of this on any PAN-devices ?http://blacknurse.dk says:LIST OF REPORTED AFFECTED PRODUCTS :Cisco ASA 5515, 5525 (default settings)Cisco ASA 5550 (Legacy) and 5515-X (latest generation)SonicWallSome unverified Palo Alt...
Hello, I have test a site for blocking via url-category. If I test the url via cli "test url cams.dnsalias.com" I got the category "dynamic-dns". But in the url-log I see "computer-and-internet-security" What's wrong? MfG Ralf
Hi, my ISP has assigned me with a /30 for the p2p connection and it is routing a /24 public subnet towards that /30. Meaning the WAN interface in the Palo will have to respond to many different ips on two different subnets. I haven't found any Kb that describe this scenario. Also please consider we are migrating from another devicewhich is perfe...
Is there a way to return a block page to users when their connection is blocked not by the URL-filter but by a security policy? We have a security policy that blocks all outbound traffic to a list of foreign countries. The problem is when users attempt to browse websites in these countries the traffic is blocked but the user doesn't receive any...
Hello Community, I have my PA2020 with issues. The device is booting from PanOS Bootloader. What is the proceess to upload and install again the PANOS?.
Hi There, I configured two IPSEC VPN on PA, as PA has two ISP connectivity. Configured a PBF to forward the traffic through primary tunnel interface and enabled monitoring to monitor trust interface of remote PA. A route was configured to forward the traffic the traffic through secondary tunnel interface. I found that traffic was always forwarde...
Has anyone had success blocking Snapchat? We have a rule for blocking "bad" apps and Snapchat is presently in this list. In testing I can see that a reset-both occurs when the firewall detects the traffic and the application is recognized as Snapchat. The issue is that pictures are still able to be sent within the app... which means it isn't ful...
I can't find information about polling interval in Dev guide or 'How to Write a Simple Miner'. What's the minimum, 1s, 60s ? Can it be cron like with day of the weeks or months etc (but less than 60s) ?
We're migrating from Cisco ASA to PAN firewalls.The ASA is default gateway for many subnets & hosts. To achieve a smooth migration, one thought is to put the ASA's MAC address on the PAN firewall, so that the hosts don't need to ARP for the new MAC. Can this be done?I don't see an option to change the MAC under Network / Interfaces. There's ...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 3 | |
| 2 | |
| 2 |

