Does XDR has inbuilt UEBA?

Does cortex XDR has inbuilt UEBA ? or do we have to integrate it? Please share any document as well if any. Thanks in advance.

What data XDR is taking for correlation? (For example : Like Microsoft Sentinel takes AD logs and security events)

What data XDR is taking for correlation? (For example : Like Microsoft Sentinel takes AD logs and security events) Kindly share any relevant document also if available. 

IPSEC phase 2 rekey

We are having problems with a site to site IPSEC VPN between a PA-500 and a Cisco ASA. The PA is always the initiator and the tunnel comes up and passes traffic just fine. The problem comes when the tunnel needs to rekey, basically it seems that the

Can't get NAT/Security rule to work with multiple ports

PA220 on PANOS 10.1.10-h5

Have an NVR that needs 6x ports accessible from the outside - 3 TCP and 3 UDP. I set up 6x new services and then put them into a service group called NVR Services.

Created a security rule 'Allow incoming to NVR' from untrust

GlobalProtect 6.0.8 disabling adapter issue

Hello all! I am having an issue with my GP VPN. Every few minutes, it drops my connection for about 20-30 seconds before establishing it again. Looking through the logs, it appears that something is disabling the PANGP virtual adapter and then reenab

Active/Passive HA L3 only using Bowtie connectivity between PA3410 and Cisco ISR4431

I have a request from my customer to implement the following HA setup where the PA 3410s are Active Passive to their partner that has 2 MPLS connections from different telcos where one side is generally the active side we'll call it Sprint and the fa

GlobalProtect multiple authentication profiles? External contractors, ldap users with certs

Hi 

Im looking for solution. I need to configure global protect to:

• Login LDAP users. For ldap users it has to check if client has machine certificate on it
• Login external contractors. They have accounts created on palo device and there is no need to

transfer license to new device

 an old PA firewall that was just RMAed---need help on transferring the licenses over to the new device

User-ID exclude OU

Can usernames within a specific OU be excluded from user-id mappings? 

We'd like to avoid mapping user's administrator account names to their workstation IP addresses which happens from time to time due to logging into shares with admin credentials

Import Panorama Configuration Into Expedition and export Device Specific configuration

Hi Experts, I am quiet new to Expedition, currently i am involved in a mass project where i have to migrate exiting Palo Alto Firewall into new. The existing firewall is managed by panorama which have tons of Network addresses and security policies w