About MS14-068 (Kerberos Checksum Vulnerability - CVE-2014-6324) protection

Hi

Is there anyone know if PAN can protect MS14-068 (Kerberos Checksum Vulnerability - CVE-2014-6324) with IPS feature?

Best Regards

Narongveth.Y

Global Protect Windows Firewall

Finding issues with windows firewall with domain policy applied.  The Pan client is detected as on the domain and the network adapter is public for the firewall.  Under the domain firewall log on the windows machine I show several UDP blocks for the

satatic NAT with multiple server

Hi Friend,

Need some suggestion, I have one ISP. i dont want to expose my gateway Ip, problem is that i dont want Dynamic IP And Port based NAT, i want source static NAT and i have multiple server. i want source static nat for all server. please help

PHP vulnerability CVE-2014-3710

Hi,

In relation to this vulnerability: CVE-2014-3710. Does anyone know if PA have some signature (Threat) that can stop this?

http://php.net/ChangeLog-5.php

any help will be appreciated

Regards,

dicu

Global Protect HTTPS weakness - Help!

Hi,

I would really like an answer to this considering this is supposed to be a security product in the first place and I see several people have already asked the question.

We have just had a security audit completed by a third party, they highlighted

LSVPN configuration Question

In order to register with the LSVPN, each satellite must establish an SSL/TLS connection with the portal. After

establishing the connection, the portal authenticates the satellite device to ensure that is authorized to join the

LSVPN..

Just want to unde

GlobalProtect Welcome Page for network links

I have been  testing out using the Welcome page for the Global Protect client as a landing page for network links.  The old appliance had a user friendly set of links for the average user.  Right now the basic web links for email or www pages work fi

Log Question - Key Exchange

We randomly seem to get some alerts that say:

SYSTEM ALERT : high :  error: Key exchange failed in SSH handshake - DH key

I'm new to Palo Alto firewalls and was just curious if this is something that can be ignored? Was thinking that this might be the

About other ip flood in dos protection.

Hello.

I have a question about other ip flood in dos protection.

Is other ip flood all protocol excepted TCP , UDP and ICMP?

I want to know protecting ack flood.

Thanks and Regards.

Is it possible to Specifically Disable SSL 3.0 on a Palo Alto Interface

Hi All,

I have a case where customer needs to disable SSL 3.0 on an interface and just use SSL 1.0 and 2.0 for both device management and GP. Is this possible? if so then how? Is there any other way apart from disabling the entire SSL feature on the i