User-ID for Cloudware

Hi Guys,

Just finding for options and thoughts to be honest...

We have a service called Cloudware which is almost like terminal servers.  What we are seeing is that users using a browser from these servers are not identified on the PAN as it is not cov

How to traffic-shape traffic over public wireless to app-stores like (app-id) apple-appstore?

Hi,

I'd like to implement qos traffic-shaping from our public wireless network to sites like apple's appstore or google's appstore.

When i look at the monitor screen of our palo, i only see ssl traffic. Do i need to decrypt the ssl traffic first so i c

SCP export log on PA-7050 and SCP import log on VM-100

Hi,

Anyone know if I can run a “scp export logdb” on a PA-7050 and then restore this logdb via a “scp import logdb” on a VM-100 ?

I understand that this would override all existing logs on the VM-100 but that’s fine, I just want to make sure this would

VPN tunnel is getting dropped

we are seeing tunnel drop with below error message.

IKE phase-1 SA is deleted SA: 1.1.1.1[500]-2.2.2.2[500] cookie:191098e4ef6db35d:eba9ee89ff200b07

ending captive session with browser close

Hi,

Captive Portal is used for all LAN (no Active directory)

we want to kill captive portal session when a client closes the browser.

Any idea ? (we can install scripts or etc. to computers, they are not visitor computers)

Is the behavior in my tests normal or maybe I missed something?

I have a specific question. Our firewalls are able to decompress some files like .zip or gzip and after that we are able to analyze their content and detect some malicious files with threat prevention or WildFire.

For the .cab file, the cabinet file c

VM Panorama utilizes 100% CPU always

We had a panorama VM upgrade recently to 6.0.8 with 4 cores CPU and 16 G memory.The moment it boots up the management CPU is always close to 100%.

Any one ran in to this problem or any suggestion would be helpful.

Palo Alto Syslog severity level compare to Syslog Protocol RFC 5424

Hi guys,

Do you know how Palo Alto interpret the standard Syslog protocol severity;

RFC 5424 The Syslog Protocol

Numerical         Severity

0       Emergency: system is unusable

1       Alert: action must be taken immediately

2       Critical: critica

Kaspersky’s Botnet C&C URLs feeds

PANOS : 5.0.11

Dynamic updates version:

Application version         487-2581 (02/17/15)

Threat version 487-2581 (02/17/15)

Antivirus version 1493-1968 (02/24/15

Customer's query is that whether the signatures include Kaspersky’s Botnet C&C URLs f

allow googlebot crawler only

I found reference to this discussion but there were no details specifying how to allow googlebot crawls only.

How to Allow Googlebot Through the Firewall

I would like to only allow google and bing if that's possible. I can see options for google-analy

GlobalProtect issue

Hi all,

We have problem connecting to a VPN using GlobalProtect. We opened a case but maybe someone has an idea what's going on..

The error message on GP client is

Error(4960): failed to get the tag gateways(T1404)

Error(5401): Failed to get gateway lis