How does ACC work?

Hello,

I tried to find a technote to explain how does ACC work,  please help me to understand,

1. Where does ACC collect the data from? 

2.  Is traffic logging (log at session end) required for ACC to work?

3.  Is ACC real time (with 15 minute delay)?

FQDN address objects not resolving

Hi guys,

I've seen a few bugs in the past regarding FQDNs not resolving. Since an upgrade to 7.1.2 the DNS addresses aren't resolving properly and thus aren't hitting the correct policy I have the address objects on.

 This issue resolves itself when

Content 596 Update - Seeking more details on customer reported problems

Can anyone provide details on some of the problems that were experienced after applying content update 596?

We spent all night troubleshooting a problem where our PA3020 was impacting TCP\9100 traffic. The problem started soon after the update. We wou

File Blocking Cant recognize .txt files

Hello to all,

I am trying to find a way for Palo Alto to recognize some how *.txt files so I can be alert when it pass my Firewall.

Any ideas how I can make this happen?

I have search on the extension list but the .txt is not included some where.

Tha

Panorama 7.1.2 > template validation error -> TEMPLATE1 is missing 'settings'

Even trying to do it via CLI it does the same. Originally it didn't even show that vsys1 was an available vsys after the settings default-vsys command until I tried to enter it once (which it didn't complain about). Compare to running config does not

Agg Interface Subinterfaces over multiple vsys

Hi,

I am working on multi-vsys (4) design with PA-7050 chassis. I would like to know if I can use aggregate interface over multiple vsys. I am thinking of using aggregate interface so that i can get link redundancy. The agg interface will have multip

VPN users getting "password expires in 0 days" after upgrading to 7.0

Hi all,

Today I upgraded our PA-500 from 6.1.4 to 7.0.0.

After the reboot, when I log in with the GlobalProtect client, I receive the following message in red in the warnings/errors section:

"Password expires in 0 days."

We authenticate our VPN users to

Custom System Event ID Severity

I would like to set the severity of the vpn tunnel-status-up event to critical so that it triggers an email without having to get emails for all informational notifications. Does anyone know if this is a possibilty as it currently sits?

Content Update 592 False Positive

I've noticed that since the 592 content update I've been recieving a large amount of Microsoft SMB Client Response Parsing Vulnerability alerts from Threat-ID 35427. I've checked the servers and the workstations and everything is up-to-date or not ru

show interface logs status by date

Hello,

How do I verify if an interface status changed by date and time?  Example:  I would like to know if Ethernet1/10 went down  last week or 2 days ago at a 10:00 am.

Thanks for any help.