Auto upgrade on OS

It looks like an upgrade for the os comes out about every other month, has anyone come up with a way to automate the upgrade process and can you recieve email notification of when new os's come out

nsatc.net shows as spyware?

I have a ton of entries in my spyware logs for DNS attempts to nsatc.net

Some digging suggests this is a site run by Microsoft related to Windows Updates.

False positive?

PCI Vulnerabilities Report

Dear Friends, panos, panagent HULK hshah Steven Puluka hyadavalli mmmccorkle

I have a doubt regarding PCI vulnerabilities scan and enable the signature for the same. when security team scan our WAN interface. he found below

1. SSL Certificate - Self-S

GlobalProtect Data File

I can't get the GlobalProtect Data File to download. I have it scheduled to update hourly for a couple of days already but nothing. If i click 'check now' I don't get any version to download. I didn't find anywhere to download it manually.

Dynamic

Bulk upload of set commands in PAN-OS

Hello All,
I'm working on a migration that requires me to breakout one large SRX config into a PAN-OS config while implimenting multiple VSYS instances.  I am managing the configuration via Panorama, so I've got a base config out of the migration tool

Is there a PAN OS CLI command to do the keygen for the API calls ?

I have used the XML API command to generate keys using the keygen option

but I am searching for the PAN OS CLI command to do the same.

Thanks for your help

PA-500 Url Filtering

Hello,

i have another problem with policies...

I used AD to filter people which can access the appropriate site. 

And I have rule in order:

1. Allow facebook (when I give access to whole facebook application)

2. Allow Youtube (when I use url filt

configuration of the NAT rules to DMZ zone

Hello, 

In our office we have two servers in a DMZ zone (10.10.10.3 and 10.10.10.4). In the PA-500 I created a DMZ zone that's related to a vlan in the switch . This switch i related to the serves (10.10.10.3 and 10.10.10.4). 

The servers are in DMZ

User Activity Report - Username not available for report

Hi All,
 
This is my first time posting, so if I am doing it wrong, please let me know. I have attempted to find relevant documentation, but nothing I have found actually seems to describe my issue.
 
I had a request for an activity report for a user to

Signature Questoin - New Malware Affecting Cisco Devices - SYNful Knock

Please review the following white paper produced by Mandiant. 
This also has SNORT rules attached.

https://www2.fireeye.com/rs/848-DID-242/images/rpt-synful-knock.pdf


Question: Has Palo Alto produced a signature update for their IPS/Firewall devices to

Wildfire Alerts

Has anyone else noted a materical change in 'dubious' Wildfire alerts in the last 24 hours?

We have seen a material shift - as if a new detection engine/function has been enabled (and may possibly be a bit too sensitive).