Full location of affected threat URL/filename?

Troubleshooting what I think is a false positive but the Detailed Log View (under Threats monitoring) only shows the filename and not its full location on the HD of the machine. Is there any way to find out the full location?

Is possible create a custom admin role with a specific filter?

This question is for administration of PANORAMA and PALOALTO.

I want to know, if is possible to create a custom admin role with a specific filter. For example, If I make a admin role for vsys or device group and check Monitor-Logs-Threats I want to th

how to block UNKNOWN url category

how to block UNKNOWN url category on PA 5050.

tddmwwnnowxo.com  is unknow url category  so PA URL DB allowed  into my network.  How to block unknown category.

If we block unknown category will it affect any new urls which is not register in PA URL DB

DNS Proxy

Hi,

Can someone post and example of how they set up their dns proxy?

How can I be notified of failed hardware via email, snmp or syslog?

Hello everyone,

We have experienced a FAN failure on our PA-500 and had the red led for the fan and a red fault led (but no idea for how long) - As we wasn't notified of this hardware failure.  So my question is how can I set the Palo up to notify me

Can I block files by signature?

I had a client ask if I could block files by hash.  Without additional information -- such as what protocol, application, host, user-agent, etc. -- it wouldn't be possible to do this with a threat signature, so how else could it be done?

Cheers,

Corey

m

How to drop new SSL sessions when limit is reached in 6.1.X?

We'd like to drop any new SSL sessions if the system has reached the SSL Decrypted Session Limit.

This page, How to Implement and Test SSL Decryption, says to run:

> set deviceconfig setting ssl-decrypt deny-setup-failure yes

but it doesn't seem to be t

How to Avoid Remote SSH Scan

Hello

I have a lot of events "deny" followed by other "allow"; All of these to port 22 (SSH) from remote host to several IP(s) in my Untrust and DMZ Zone.

<14>Jun 24 04:01:17 fw2orgt 1,2015/06/24 04:01:16,0003C102047,TRAFFIC,drop,0,2015/06/24 04:01:16,

Local user passwords problems with GP after upgrade PAN OS

Hi, I've just migrate from PAN OS 5.0.10 to 6.0.7 and GlobalProtect users have got problems with login. They had the password saved on their GP agent, but connection was refused and users were blocked due to intensive login attempts. We're using loca

PA blocks spyware - identify compromised computer

Hi there,

we're running the following setup:

trusted zone | DC zone | Internet

Client/Proxy/some old DNS Server| DNS Server| Internet

I see that the PA is blocking malware traffic (app DNS). But the attacker is either the proxy, asking the DNS in the DC