Best practice for blacklisting App-IDs

What is the best practice for blacklisting potentially harmful Application ID's(from "trust" to "untrust" over 80/443)?

I started blocking on specific App-ID's, but maintaining this blacklist per App-ID will be kind of cumbersome.

I'm thinking ab

Question/FR for mining rDNS zones?

I have a environment that is currently using rDNS to identify host security policies, and it has older Checkpoint firewalls use this data dynamically via CP Domain Objects to tie rDNS lookups to security policies. This obviously has some challenges a

Feature Request Policy Export

Hi paloalto community

I really don't knwo where I should place my feature request. I hope it's the right place and somebody notice my request.

I would appreciate an export button for policies and objects directly to csv. It should be possible to fi

Error useridd log

Hi,

We are having a lot of strage log in the useridd.log file. We dont know why we are receiving these logs.

The LDAP is configured correctly and we have the read permissions for everything in AD user. Users are working fine.

Please why are we

Dynamic VPN to Dynamic VPN

I'm wondering if anyone has addressed this yet.

I am setting up a VPN between a PA-200 and PA-VM100. Both of the sides have a dynamic IP and we're using an FQDN DNS forwarder as our Peer IDs. Both sides won't initiate the connection since they're b

Email distribution list for announcing new PAN-OS releases?

Is there a Palo Alto-maintained email distribution list for announcing new PAN-OS releases? I'd like to know when 7.1.0, 7.1.1 and furture versions are released and are available for download.

about Palo alto threat preventation throughput

Hi folks, 

Does anybody know that what is included in threat preventation throughput ? 

As i see checkpoint firewall's datasheet  , there is some distinct throughput. 

Global Protect client upgrades are not working on Windows

We're trying to push out a newer version of the Global Protect client with the "Prompt" method via the Portal.

The users are promped, but when they click Yes, it never upgrades - ever...we've had clients connected for hours with no success.   

Th

Scheduled Report Graphical Content Missing

Hello Guys,

l have a number of scheduled reports that are sent out to the security team however for the last month or so the pdf reports have been landing in the recipient's mailbox with the graphical content missing. I have run the reports involved

Strange Local Admin authentication Issue

Hi,

Just want to float this out in the community to see if anyone has expirienced same issue. We have a production PA-200 at one of our sites with Local admin account and AD intergration, the preferred login is using the our AD accounts and last we

Content 578 Customer Advisory [Updated]

[Update 4/19: Added Content 578 Incident Report]

With Applications and Threats Content version 578, Palo Alto Networks received reports that customers running PA-3000 series devices may experience an issue with resource exhaustion on their firewall

Help With MineMeld for Domain Blocking for DNS Sinkhole

Hello 

I am new to MindMeld and I am seeking help with an issue: 

I wanted to configure an External Block List to use with DNS sinkhole. I need a spyware blocking of malicous sites (Like URLF) but one that will work based ib DNS only! 

I tried to