Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

Resolved! Securing inbound traffic

Hi all,

Hopefully a fairly straight forward beginner question. If I'm wanting to securely set up a basic inbound rule to direct traffic to a web service in our DMZ (from a single external source address), is it best to specify the source address in t

...

Resolved! VPN tunnel between ASA 5505 and PA 3020

I am trying to create a vpn tunnel betetween a ASA 5505 and PA 3020 and it keeps giving me IKEv2 error but I don't even have that enabled. What is the best way to do this type of VPN tunnel?

What is Threat Prevention Throughput?

We're looking to pick up a new firewall, but we're not sure what Threat Prevention Throughput is and if it could be a potential network bottleneck. We're looking at the PA-500 and we have a 100 Mbps link now, but if we bump up our line speed, will th

...

OSPFv3 won't distribute static default route?

Toying around with it and it will redistribute any other route, but not ::/0. It also doesn't honor the "Reject Default Route" flag.

6.0.2, PA5050

Resolved! Copying security profiles between PAN devices

Is there a way to copy security profiles and custom sigs from one PAN device to another? We have 3 PAN devices (one PA2020 and 2 PA500's) and don't want to recreate the profiles/sigs using the GUI on each device whenever we make a change.

Perhaps this

...

Unorthodox use of vulnerability signatures, data filtering for URL blocking. Please advise.

Ok so I'd really like to skip the part about why my organization does this and get to the part about what should I be concerned about...

Our PA is set up to block many many many URL's using URL Filtering, just as you'd expect any org to do, but there

...

Resolved! SYSTEM ALERT : high : Syslog connection established to server

I have mail notifications enabled for high and critical system logs. Because of this, I receive the following mail multiple times a day:

SYSTEM ALERT : high : Syslog connection established to server['AF_INET.10.0.0.49:514.']

domain: 1

receive_time: 2013

...

Captive Portal with NTLM authentication redirect loop

Hello,

I have successfully configured a captive portal with NTLM authentication for User-ID and users are successfully authenticating using NTLM, but right after that they are stuck in a redirect loop on the following page:

User Authentication in Proce

...

Resolved! VPN-SSL through Palo Alto

Hi, im having problems connecting with VPN-SSL clients (Global Protect and SonicWALL VPN Client). We have a firewall Palo Alto to go to internet and i use these VPN clients for connecting to several branches but i dont know why my Palo Alto (which VP

...

Resolved! QOS on Interface with 20 Mb

Hello,

I want to restrict bandwidth on interface e1/2 with 20 Mb

I have created QOS Profile with wireless and applied that on interface e1/2.

Enclosed are the snapshots for your reference. Please advise that it who to test this profile.

Thank you.

Suspicious DNS Query Action

Hello PAN Community,

I would just like to know if its possible to edit or change the default action for a specific suspicious DNS query?

We have a situation here where what we wanted to happen is to drop all the packets for suspicious DNS query instead

...

SSL VPN - Basic Questions

What basic steps have to be complete to allow a remote user to enter an ip address in their browser and get the ssl vpn authentication screen? We currently get an eventual timeout when we try to connect from a browser. We followed the basic GlobalPr

...

Resolved! Making server available with NAT doesn't work

Today I tried to configure our PA500 firewall to make a server from our DMZ zone available for Office 365. But first I will explain our network topology.
In our company we have 2 internet lines, one for internet and the other one as backup. After this

...

User-ID sometimes missing ntlmdomain\ on the firewall

Hi,

I've recently seen this a couple of times on completely separate firewalls / AD infrastructures (a 2050 cluster and a 3020 cluster, both running 5.0.8). User ID is setup and working fine along with LDAP group mapping

However on the odd occasion use

...

Wildfire - is the full subscription worth it?

Apologies for the somewhat blunt title but it really is as simple as that

I've been using the bundled WildFire service for some time and did begin to wonder if it was working until it pinged on a couple of zero day Zeus trojans - seems our folks are

...

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!