PA4050 Hardening Standard

Hi,

I would to know if there's an Hardening Standard or a bechmark best pratices for PA4050 firewall.

The purpose of that document is PCI DSS.

Thank you,

Paulo

NFS Performance - really poor

Hello everyone,

To start, this is my first post ever and I'll try to be as complete as I can.  Yes we are working with ETAC, who are very helpful.  However the solution is evasive and I hope someone else in the community has experienced something simi

Google drive, SSL, blocking

Hi, 

What PanOS version was google-drive-web application introduced.  We're running PanOS 4.1.6.  Firstly I tried blocking it using the url filtering but have been unsuccessful in doing so (as below), thought I'd see if it can be done via the file b

Can't upload anti-virus update

Good day

I'm getting an informational error when uploading anti-virus file below is the error

"upload -> anti-virus -> name Node can be at most 64 characters - current lenght 79"

Has anyone seen this before?

M

Calling Station ID - RADIUS calling IP

Hi folk,

Anyone know if it's possible to include Calling-Station-Id (RADIUS attribute 31) when authenticating to a RADIUS server (specifically to a MS NPS server).

The purpose of this, is to collect the end user's IP adress for logging in a third party

Set volume quota

Can we set traffic volume quota for users on Palo Alto firewall ?

Custom App-ID for XP OS?

Has anyone written a Custom App-ID to identify XP OS, and more specifically browser based access.  I would like to identify any XP, but realize I may only be able to see via browser headers.

Global Protect Client .cfg file?

I would like to deploy the Global Protect Client pre-configured with the Portal IP address in it. Does Palo Alto have a client packager or is there a file that can edited and added with the client install file?

Thx

SSL Decryption - What categories do you decrypt?

Right now we have a policy to never decrypt shopping and finance/banking sites, and we decrypt web based email and social networking.

I know there are issues with certain applications (Windows Update I believe?) if you try to decrypt so I wondered wha

Gizmodo Vulnerability in IE?

Anything known, or being doe about this?

thanks

//moe

http://gizmodo.com/new-vulnerability-found-in-every-single-version-of-inte-1568383903/+whitsongordon

WildFire - What sort of hit rate do you see?

I enabled WildFire a month or so back.

I know it works as I download files regularly from the PAN "random wildfire test file" site and sure enough a little while later an alert pings in and it shows in the dashboard.

In production it seems that everyth

Admins linked with AD

hi

recently am creating an admin and linking it with my ad, whenever i click ok i got the attached error,i checked my ldap settings group-mapping auth_profile all correct with no spaces or characters that which could be be a reason, username and passw