malware??
Dumb question perhaps, but why is www.googletagservices.com/tag/js/gpt.js being flagged as a malicious URL? It doesn't come up that way in PA's URL filtering site.It's created a considerable jump in my botnet list.Thanks in advance...//moe
Dumb question perhaps, but why is www.googletagservices.com/tag/js/gpt.js being flagged as a malicious URL? It doesn't come up that way in PA's URL filtering site.It's created a considerable jump in my botnet list.Thanks in advance...//moe
Hopefully a quick question - is there any way to determine whether a executable has been blocked because it was a Wildfire derived signature (for paying customers). It may be obvious when it happens, but hard to know if it has etc.Would like to be able to correlate the protection afforded by the service by providing a discrete count of executab...
i have three offices:office 1: US - northeast 1.1.1.1 PAN-500HAOffice 2: US - southeast 2.2.2.2 PAN-3020HA HQ siteOffice 3: Shanghai China 3.3.3.3 PAN-200all three IPSEC tunnels were up and running. My Office 3 moved locations and when they did that we obtained a new static IP from the executive office we moved into. We updated the fire...
Hi,We need to programmatically toggle our PA500's GUI setting "Policies / Captive Portal / My_CP_Policy / Action" between "no-captive-portal" and "web-form" from a windows server.I assume that this is possible using CLI remotely, but where can I find documentation how to setup everything for a task like this?Thanks a lot for help on thisregards...
I configured a Netflow profile and associated it with a "Untrust" Interface on my active Machine in my setup.I was surprised seeing that the second Active machine got this assotiation too. So I accume both machines are sending to the same receiver and to the same port.I'm new to Netflow and my question is: How does the receiver distinguish which...
Hi,We currently let our TSA connect to our management interface. This is however causing problems in that in about 30 mins all traffic is dropped on the management interface. The GUI and CLI and such are time-outed then. To resolve this we need to remove the TSA on the PA and the interface works fine again.Support recommends to provision an dedi...
Got the pre-logon function working ok. The problem i have is that it doesn't seem to start quick enough to process login scripts etc.For example when I log onto my network LAN using the laptop the drives are mapped and i get a pop up announcement message - all standard stuff.When I then take the laptop off the LAN and connect it to the internet ...
Hello,I've been asked to block certain countries...- All of Europe except Spain- All of Asia (except Japan, Australia, Korea, Singapore, Taiwan)- All of AfricaI figured I could add those countries to a "Denied Countries" group to use in a security policy but I don't see the countries listed when I try to create my address group... they only exis...
We have a /24 public IP network where some of the IPs will not NAT and some will NAT. For the scenario were there will be no NAT, the host behind the PaloAlto will have a public IP assigned to the NIC. Under what scenario would I break up the /24 into smaller subnets or leave the subnet as a large /24. This is for a pa-500 in Layer 3 configur...
Where to start with this topic:I can monitor the bandwith with SNMP and PRTG Network Monitor.Now I'm interested in data >>>PA can provide <<< about types of data, sources and destinations?I would like to check e.g. this:How much VoIP is running through the PA?Who is downloading most data at the moment.a.s.o.I know there is sflo...
Hi all,There is a topology like below.Clients using Cisco vpn and they are enforced to use some proxies(enforced from Active Directory)There is a Local Websense but it cannot be used because of that enforcement.Can Paloalto firewall decrypt that SSL traffic and make websense available to use ?is that possible ?Cisco Any Connect Client-----------...
HelloMy customer think all w.generic virus signarues would have false-positive.So he want to make a virus profile excepted all w.generic signatures.Can it be made?Thanks.
PA-200PAN 6.01I imported a certificate, but failed to do something correctly. I wanted to delete the cert, and start over. When I select the certificate 'ServicesVPN' and click Delete I'm told ... 1- Failed to delete Certificate - ServicesVPN. ° ServicesVPN cannot be deleted because of references from: ° deviceconfig -> system -> sy...
I am going to add a bunch of service acct into pan agnet 5.0.6 for pa FW to ignore the mapping. but i wonder is there maximum entries of the ignore list file ?
There is no allow policy from Untrust to DMZ to contact the FTP Server.There is an deny policy instead as a last policy between ZONE Untrust und ZONE DMZ.But if I try to connect to FTP Server a connection is estabilished and my FTP Server asks for a Username.This is the end of communication - but is anyone allowed to connect to my FTP Server?Roman
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 3 | |
| 2 | |
| 2 |

