Resolved! Site which should be blocked URLF not being blocked after SSL decryption

We are blocking a particular category of URLs (say gambling). When we access the unecrypted site it is blocked as expected. When we add https to the URL and browse we are not blocked.

I can see in the logs that access is allowed by the FW, even tho

Resolved! Dynamic Block List Question.

Hello Community,

Blacklist (such as IP Void or SpamHaus) with a suggestion that we should block that IP.  

I'm hoping there's a way that we can leverage such a blacklist - for example, to have a rule in the FW that references an existing Blacklis

Resolved! Agentless USER-ID - no matched record

Good Day

I have a PAN-5050 configure for agentless USER-ID to a W2K8 AD. We were getting user ids/ips in the logs but now we're not. The server-monitor is connect and now errors or failures to connect. When I do the cli commands (show user userids,

Resolved! Botnet report full of cloud.typography.com entries

My weekly botnet report is full of entries like: 

"Repeatedly visited (32) the same malicious URL cloud.typography.com/"

I've checked this URL in the database and using the CLI, and it shows as computer-and-internet-info

Several tools I've used to

Resolved! Deny & Allow

I have a rule that allows the administrators remote desktop access to our physical domain controller. While reviewing the traffic logs I can see that the PA is show allows and denies for the exact same traffic from my PC to the domain controller usin

Resolved! Renew digicert certificate

Hi,

The certificate we use for GlobalProtect needs to be renewed and I have just paid the renewal and received the file from digicert.. 

In my PA500's Device Certificates the expired certificate has two lines:  The second line's certificate name ha

Resolved! VWIRE Physical Connecivity to Current Virtual Firewall

Hi,

I am trying to get my head around VWIRE and how it supposed to work.

We have the following scenario

SWITCH -> VIRTUAL FIREWALL (ON SHARED HOST) -> INTERNET

We are now looking to do

SWITCH -> PALO ALTO -> VIRTUAL FIREWALL (ON SHARED HOST

Resolved! Action Configured in Security Rules and Seen in Traffic Log is Inconsistent 7.04

Since upgrading to 7.0.4 our traffic logs now show the action of 'reset-both' and 'deny' when the rule explicitly has been set to 'deny'. This is occuring on multiple rules since upgrading from 6.1.8.

Example: we have a rule to block specific appli