General Topics

Video - MineMeld on AWS & Autofocus Export Lists

Here you can find a video about using MineMeld on AWS and how to configure it for collecting Autofocus Export Lists:

https://paloaltonetworks.box.com/s/1opgnziic7kxqx5y83q5gsusbf5yo989

Threat signatures requiring ssl decryption

Is there a way to determine if a threat signature requires ssl decrypt in order to provide protection. I undertsnad this could have at least three posibilities being fully required, partially required, and not required. Using signature 14616 in conte

PA v200 SSL offload

Hi, Please can someone confirm that if PA v200 virtual Palo Alto firewall can do the following? 1- Off load SSL request from customer (HTTPS) 2- Inspect the packet 3- Re-encrypt it and forward to next hop in secure (https) format Regards,

Blocking Web Advertising with PANDB and websites that check for blocking

Hello,

For several years, we have been blocking URL content classifed as "web-advertisements" within PANDB.  This has been extremely successful in stopping malicious ads from comprimising systems. 

More and more websites are now disallowing access to

Using Dynamic Block List - What happens if the Dynamic Block URL is not available?

What happens if the URL for the dynamic block list is not available? Are the entries cached or all IPs allowed?

Thank you.

Embedded Word Templates - Clients on external networks to reject immediately

Hi Guys

Wondering if anyone has any ideas on;

There are external clients / users attempting to open word documents that use word templates stored on the corporate network drive.  When the user is offsite and not connected to Global Protect or VPN and

PA strange behaviour

Hi,

Last night (1.30am) it was a electric cut down in my office. This cutdown didnt affect to our PaloAltos but since this time we are expecting an strange beahviour in our Palo alto. During this morning the FW were flapping and we found one member

DNS tunneling seems it's not recognized as "tcp-over-dns"

Since some weeks, we are suspecting DNS Tunneling usage.
We saw a specific "application" being present on applipedia for this kind of action: tcp-over-dns

Applipedia description states:
"DNS Tunneling is a technique to encapsulate any binary data within

how to block ultrasurf all version

please ...anyone to know how can i block the application ULTRASURF in PA 6.0.7

url filtering flow

The url filterng flow is like below:

data plance -> management plane -> cloud.

I am seeing the category of ome sites is different than test url site of palo alto.

For Ex:

 In Palo alto firewall below command gives this output

show running url xxx

malawa