UniDirectional Link Failure Detection without UDLD

Hi,

Does anyone know the network appliance could detect uni-directional link failure of SFP+ without UDLD?

I tried the test with PA-5060 and Juniper-EX,

but SFP+s kept link-up cause TX might continue to shot laser when RX came not to receive laser from

Blocking Facebook apps without ssl policy

We are trying to let users to have read-only access to Facebook' but not allow them do posting or download anything from it.   We don't have SSL policy.  Can you block Facebook posting with you SSL policy decrypt traffic?

Thank you

URL filtering Profile - URL in allow list does not work.

Hello,

PAN-OS 5.08

I have a security police to which applied a URL filtering Profile.

I have blocked the category "social-networking" and I need to allow "twitter.com"

I tried putting the URL in allow List:

*.twitter.com

*.twitter.com/*

www.twitter.com

But

Install GlobalProtect

Hi!

I have problem with installing GlobalProtect in our environment. We are using System Center
2012 to to install the GlobalProtect64.msi  with installation behavior “Install for user” but
the problem is that it only creates StartMenu ico for that us

Active/Active performance benefit/impact

Hi,

Anybody currently using or having had tested HA in an active/active mode with any insights into the the performance benefit or impact of such a setup?

Is the additional complexity worth the effort and is the throughput effectively increased compare

What application should be allowed if want allow port 443.

We have to allow https (443) to access an application over internet. So what application should be allowed?

PA identify to unknown-tcp for RSH and R-EXEC with port 80.

Hello,

I need your help.

PA identify to RSH app-id when use tcp/514(standard port).

And PA also dentify to R-EXEC app-id when use tcp/512.

But PA identify to unknown-tcp when these applications use to change TCP port to 80.

Would theses applications depen

Globalprotect client silently upgrade for windows-based system

Hi,

Is it possible to silently upgrade Global Protect from v1.2.3 to v1.2.10?

I have tried to upgrade using msi, but this still remain the old version.

Thanks,

Daisuke

File Blocking Block ZIP and Allow DOCX Extension

Hello,

I need to block files with zip extension. (action Block)

Also allow files with extension: doc, docx, xls, xlsx and pdf. (action ¿? ¿?)

What "action" can I use? or How can I create an exception?

The other extensions should ask me confirmation. (act

AEP[TRAPS]: ninja mode

Hello! Advanced Endpoint Protection Administrator's Guide [3.1] (https://live.paloaltonetworks.com/docs/DOC-8084) is mentioning that "Additional advanced EPMs are hidden and are only accessible in ninja mode". Could you, please, describe additional f

CVE-2015-0235 Ghost

Just starting a thread for  CVE-2015-0235. Ghost

Anybody see any news from PA on this? I have not.

Cheers

tcpdump like packet capture on PA

how can check  dhcp packet on PA , for example using tcpdump -i Internal port 67 we see on unix/linux boxes.

how can we check same dhcp request and response packet on PA .