Sinkhole Feature Trouble

We implemented the DNS Sinkhole feature about the time 6.0 came out. I've actually had a hard time using the threat and traffic logs for incident response. We can't pinpoint which hosts are hitting what URLs or malicious domains. The threat logs show

How Does DNS Sinkholing Work?

Can anybody offer a detailed explanation of how DNS Sinkholing works and possibly a real world example of it?

I can only find this documenation: How to Configure DNS Sinkholing on PAN-OS 6.0 and it doesn't provide a lot of details on how it works.

It s

Can't get syslog to work via data port

Hello folks,

Maybe someone has seen this before. I've got my syslog profile, log forwarding and policy setup the way they should be configured but the only exception is that I'm using a data port and UDP 1514. I've configured a service route and also

critical severity default action alert

I am trying to understand the meaning of the default critical vulnerability action "Alert". This question was brought up by management who gets the PAN Content Update email and I want to give them an accurate answer.

For example, Adobe Flash Player M

How do I create a browsing report thats easy for a CEO to read...

Hi,

I have been tasked with creating a report out of our Palo Alto firewall that shows the following.

For a period of 1 month

Users Hours\Sessions on a website

Top 20 visited websites.

Top 20 Categories.

We are using the user agent so all the data should b

Trouble differentiating between malware already seen by WildFire and malware 'first seen' by WildFire

I'm having trouble determining which malware has already been seen by WildFire (therefore it was not re-sent for analysis and blocked by the FW) vs. a file that our organization sent to WF and was determined to be malicious after analysis (not seen b

Polycom can not answers a call

hi all.

i have a problem with palo altl and polycom.

When i make a call from inside to outside >> it ok

when a call from outside comming >> i can not answers

i open all port, allow all application as: h.323, h.252, rtp...

pls help me know why

Import ssh key

Is there a way to import an ssh key into a firewall?

For instance, I run the following commands:

ssh-keygen -t rsa (The public key is now located in /home/demo/.ssh/id_rsa.pub The private key (identification) is now located in /home/demo/.ssh/id_rsa)

ss

QoS Guaranteed

Hi,

I would like to book (guaranteed egress) 5Mbps for streaming in one of my vlan. My outide-Internet (egress) interface is eth1/1.

The class for streaming is CLASS 1 (real time) right????

whats the difference between "clear text traffic" and "tunnel

How to configure PAN to Azure VPN tunnel

I'm sure I'm not the first one to do this, but since I wasn't able to find a document on how exactly to do it, I figured I'd contribute one. I'd appreciate any corrections or optimizations.

The Azure side documentation is pretty clear online and hones