General Topics

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

Resolved! Decryption Policy - Blocking things such as Facebook

We recently discovered that due to Facebook now being https:// that my users can get out to Facebook when using Internet Explorer. This actually cause quite an issue due to a bug also getting in.

How do I configure the decryption policy to get in to

...

BrightCloud® Real-Time Anti-Phishing Service

Does anyone know if the BrightCloud® Real-Time Anti-Phishing Service works with Palo Alto NGFW's? (with the correct license of course?)

BrightCloud Real-Time Anti-Phishing Service | Webroot BrightCloud

Does "Unknown-udp" app allow any UDP Packets?

Does "Unknown-udp" Appl. allow any UDP Packets?

I did not find any app and would like to allow UDP only.

Roman

Resolved! Suspicious DNS Query Pan-DB and BrightCloud

We are using the BrightCloud URL DB for URL Filtering. Last week we had discovered an issue that users can’t access the URL http(s)://www.haalmeeruitjecard.nl

Searching the PaloAlto we see that is not blocked by the URL Log. BrightCloud says as URL C

...

high management CPU

Hi,

my PA500 management CPU is 100%

PAN OS release 5.0.2 (same problem with 5.0.1)

If I reboot the firewall, management CPU usage goes down for some days than raise again to 100%

Schedule a management restart

Hi,

regarding GUI slowness I've a question:

a lot of people suggest to restart management server.

How can I schedule a night restart of it?

Thanks

regards

6.0.2 Upgrade on 2050

I recently upgraded code to 6.0.2 on a 2050 and am experiencing significant packet drop issues (network becomes inaccessible). It is resolved when you reboot the device, but it only is resolved for about a day, and then goes back to dropping traffic

...

Wildfire Email Alerts

Hopefully quick one..

We used to get these alerts directly from the Wildfire cloud, but they have stopped (for a few months actually, I've only just got round to looking into it) - is this normal?

We do get the email alerts setup via the logging mechan

...

Global Protect Client SSO issue with AD group policy.

I am setting up Global Protect and trying to use Single Sign on, but with machines on my domain that have group policy provided, when the the domain id logs in, the global protect client prompts, if i use another machine that does not have group poli

...

Abnormal system memory usage detected, restarting ha_agent with virtual memory 3607332 KB.

I received a critical event in the system log with the error message "Abnormal system memory usage detected, restarting ha_agent with virtual memory 3607332 KB."

After that, our ha active-active pair ran into a non-functional state:

- the active-prima

...

Microsoft Lync 2010 - 2013

Has anyone rolled out MS Lync 2010 servers in your network and worked out the policies & rules for the Lync traffic. If so would someone be willing to share the details. I am very new to the PANOS and i do not want to create security risk.

Thank you i

...

Resolved! How to block dodge chrome?

Hi.. all

Do you know "dodge chrome"?

This is bypass the url filtering by the modified google chrome.

(http method : get \r\n )

I do not find the related signature in palo alto applipdia.(app-id , ips , virus)

How to block dodge chrome?

Trouble getting User-ID from MS Radius (NPS) using script

I am part-way in matching up IP addresses and user names, but struggling with the second......I'll explain.

In our lab we have a PA5020, and I am running the User-ID agent on a VM close to the firewall. It successfull reads the AD credentials etc, and

...

how to work decryption policy?

Hi.. all,

how are you today ? any one please describe about decryption policy and how log bits (0-2048) support? :smileyinfo:

Thanks

Satish

Resolved! CryptoLocker Reporting

I realize that as of me writing this, PA has ~123 variants of *.crilock.* registered. Is there a way to report on vulnerabilities by name rather than ID? It would be nice to be able to publish a report saying, "Our PA stopped CryptoLocker this many

...

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

How and Why to Accept a Solution to Your Post

Resolved! Decryption Policy - Blocking things such as Facebook

BrightCloud® Real-Time Anti-Phishing Service

Does "Unknown-udp" app allow any UDP Packets?

Resolved! Suspicious DNS Query Pan-DB and BrightCloud

high management CPU

Schedule a management restart

6.0.2 Upgrade on 2050

Wildfire Email Alerts

Global Protect Client SSO issue with AD group policy.

Abnormal system memory usage detected, restarting ha_agent with virtual memory 3607332 KB.

Microsoft Lync 2010 - 2013

Resolved! How to block dodge chrome?

Trouble getting User-ID from MS Radius (NPS) using script

how to work decryption policy?

Resolved! CryptoLocker Reporting

Unable to download new version

Edit personal information

best practice assessment option is not showing in paloalto customer portal

change default static route

Monitor Logs - filtering with wildcard?

Re: What is still missing or needs to be improved in PA Next Generation Firewalls ?

Re: Solution for "SSL decryption bypass for Anydesk"

Re: Failed to update content package

Re: Solution for "SSL decryption bypass for Anydesk"

Re: Error installing dynamic update Apps

Unlock your full community experience!

Resolved! Decryption Policy - Blocking things such as Facebook

Resolved! Suspicious DNS Query Pan-DB and BrightCloud

Resolved! How to block dodge chrome?

Resolved! CryptoLocker Reporting