Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 136 Views
  • 0 replies
  • 0 Likes

How to properly configure POP3 AV and malware inspection

Dear Live Community,

 

I was wondering how I have ro configure pop3 traffic inspection in order to protect my network from malware and viruses in mails sent to me. My Linux server pulls various mail servers in the internet using fetchmail every coupl

...

daubsi by L1 Bithead
  • 2161 Views
  • 1 replies
  • 0 Likes

Help with "Deny All, with whitelist of domains"

I have been trying to test out a new policy that will need to be implemented by our security team. This involves a Deny All rule, with a rule right above it that allows a list of domains. These domains include SaaS services, Cloud, and other domains

...

kaboom by L0 Member
  • 2448 Views
  • 3 replies
  • 0 Likes

Resolved! Radius/TACACS Question

Is it possible with 6.1.x to where if  a user  wanted to change  radius/tacacs password (before it expires or just because the want a new password) they can . Or if a user locks him/her self out and needs to change password. Is there a profile for th

...

Resolved! PA200 Failures

We started deploying Palo Alto in our environment about 6-7 months ago.  We're up at 19 PA200s in production (we also use Panorama).  Since we've been deploying these, I've had 6 units fail at 4 different sites.  The failure is always the same, basic

...

sshshowintunknownup.PNG
sshshowint.PNG

URL Category

We use PA URL Category to block access to some sites i.e. Social media etc.

I would like to export all the category names and their respective settings block / allow / alert etc. to an Excel or Text file.

 

Can this be done, if so how

RC-BHF by L2 Linker
  • 1838 Views
  • 2 replies
  • 0 Likes

Blocking WORD docs which contain macros

In the course of a regular day, it is not uncommon to receive regular legit word documents from people via email.  However, increasingly we are getting documents pretending to be resumes, and the .doc file contains macros.  Our version of Word 2013 t

...

cenders by L3 Networker
  • 3028 Views
  • 3 replies
  • 0 Likes

Resolved! HA failover when failing a little more?

Hello,

 

sorry, if I missed something obvious... but I need your help, because I have no lab environment where I could answer my question by just testing....

 

I have two PA-200 with HA Lite.

 

Both have an outside interface connected to a switch:

Fi

...

OCEDTRA by L1 Bithead
  • 3701 Views
  • 4 replies
  • 0 Likes

Whatsapp traffic not always recognized properly

Hi All,

 

it seems that in the last days the whatsapp application is not always correctly recognized.

From logs we can see that some connections are blocked.

We don't think is due to the last dynamic updates, because we reverted it to precedent versi

...

TheRealDiz by L4 Transporter
  • 11054 Views
  • 13 replies
  • 0 Likes

tap zone and ddos profile

Hi,

I have created tap zone and created policy under security policies .
In my ddos profile there are two policies one for trust zone another one for untrust zone

if I create another policy for tapzone , is it a good creating another ddos policies for

...

sib2017 by L4 Transporter
  • 1481 Views
  • 1 replies
  • 0 Likes

Minemeld 0.9.7

Hi,

whats new with 0.9.7 ? just noticed that Minemeld has been upgraded to 0.9.7 roughly 3 days ago.

 

Thanks

bartoq by L3 Networker
  • 2490 Views
  • 1 replies
  • 0 Likes

Resolved! another 'free' VPN

I was just able to install 'hexatech' free vpn from the Apple App store and with a couple of clicks COMPLETELY bypassed my Palo Alto firewall! This program uses a variety of random IPs. It seems to like port 9010, though it uses others. Short of enab

...

cloughr by L2 Linker
  • 2322 Views
  • 1 replies
  • 0 Likes

Resolved! Zone Protection

HI

I have a question related to zone protection. I am having a company doing vulnerability scanning on my system and I want to be able to disable zone protection only for the IP's of the scanner. What would be the best way to acomplish this? Any help

...

it.unit by L1 Bithead
  • 5519 Views
  • 7 replies
  • 0 Likes
  • 23589 Posts
  • 107 Subscriptions
Labels