Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real
Can "set deviceconfig setting session tcp-reject-non-syn no" or similar somehow be configured at just the VSYS level? ( I know it functions at the device level)
So as to provide some VSYS's the ability to process asymetric flows and others not.
Regard
...
This message appears (email, and SNMP trap) pretty much anytime I run a "commit" on the box. It appears cosmetic, as the GUI on both boxes show them being in synch. (possible latency/delay issues during synchsynch causing this mis-fire?)
I noted this
...
Hi,
Can we run multiple OSPF instances on one virtual router ?
In cisco we can run two OSPF processes for example ,
router ospf 100
router ospf 150
Kind Regards,
Sunil
Hello all:
I am trying to configure an user in a security policy but when I write the first 4 letters of his username it doesn't appear (screenshoot attached). However, it does appear throug CLI:
admin@PA1(active)> show user ip-user-mapping all | match
...
Hi there
Ive set up the firewall with a trusted lan for staff and untrusted lan for visitors.
I don want the visitor lan to access the staff lan, however the first rule created was to allow webbrowsing, i cloned it and added the visitor source addess t
...
The organization policy is to block ZIP file types.
We are having problems with docx file type which they are a ZIP file but in the file blocking profile I can see Paloalto should know how to recognize docx files but we still get drops
i would like to
...
I write SIEM content (Mostly Arcsight and Q1), I have found PAN to be very effective in identifying adverse traffic. One thing that would be great, that in addition to recognizing the file type such as "file Microsoft PE File(52060)" which is useful
...
Found this one recently:
http://www.what2code.net/?p=150
http://www.youtube.com/watch?v=wPHeAkv8BaE
Where dns is being used to tunnel ssh traffic through and of course there will be ways to bypass things but how is/will PA address this latest finding?
(a
...
Hello,
I'm using PAN Agent 3.1.2 on WIN2008 server and somethimes after restart the Ignore_user_list seams to be ignored )user on the lista are still identified by the PAN firewall).
Does someone had this problem ? there is way to have an alert or log
...
Hi,
Just like to find out if there is a known issue with Palo Alto and Windows 8 for direct internet policy. Currently, we have defined a policy in PA to allow AD user to connect to internet. However, based on my observation, once my notebook goes
...
Hello,
I recently upgraded to Panorama 5.1.0 (I know, I'm a glutton for punishment!) and am experiencing an issue when attempting to add items to an application group. We've tested this with several workstations and both IE and Chrome and each result
...
Hi,
Pa200 configured to send all to syslog.Sometimes(Random) no log comes to syslog.Did Anyone see an issue like this ?
5.0.5 panos.
I'm fairly sure I can't do as the subject line, so I'll explain why I think I want it, and hope someone can suggest a better workaround.
We're a college campus with (roughly) 3 classes of users: students, general faculty and staff, and "special" staff
...
Hello,
after our recent newsletter distribution, we now see lots of blocked App-ID 'hotmail' in traffic directed to our web servers. Those are requests to HTML resources (images) just referred to from Hotmail website, most likely Hotmail users reading
...
Hello everybody
I have 2 PA-2050 with PanOS 4.0.11 configured with HA. The traps are sent by the Pasive Firewall not the Active, also source IP of the trap belongs to Pasive not by the shared management IP.I just checked the managemtn Profile and SNMP
...
on:
Need help with Global Protect Internal Gateway
on:
Submit IP to known malicious IP or High Risk IP
