Lot of 'SMTP Long MAIL anomaly Vulnerability' critical warnings

Sometimes  we get a lot of 'SMTP Long MAIL anomaly Vulnerability' critical e-mail warnings from the PaloAlto PA-500.

PA-500 is filling up our mailbox with this warnings until we block the IP-range.

Does anyone has a suggestion how to moderate this warn

Content-Filter and Decryption - ERR_SSL_PROTOCOL_ERROR

Hi!

I see a strange problem with the combination of content-filtering and decryption:

- Decryption is on

- Facebook is declared as "block-continue"

If I open "http://www.facebook.de" the block-continue-page appears - pressing continue forwards me to "htt

Apple clients and user-id mapping

Hello All,

We recently installed two 3020s in active-passive and connected them to our LDAP.  We see some users are mapping, but not all.

Is there a way for unknown users to authenticate to the Palo Alto so they are given the correct policy?  This was

Tunnel flow

How do you check to see if there is bidrectional flow on a vpn tunnel?

question use Syslog Sender and User ID Agent to do User IP Mappings

I used PAN 6.01 and  followed https://live.paloaltonetworks.com/docs/DOC-6727.

I create a filter as following part for my Aerohive device.

username-regex       username ([a-zA-Z0-9\_]+)

A quick application based policy query

Hi,

I'm trying to better understand application policies and their dependencies and have a question I'm hoping someone can clear up for me. Lets for example say I'm trying to allow users access to an application which has SSH as a dependency. Lets als

Report Destination port diferent

Hi,

I have a doubt about this inform. I dont know why in my report depending on the source the detination port appears in the right column or not.

All those connections in this screeshot are in the port 161(SNMP) but only appears if the source ip is 17

Can any of the PA firewalls act as an SBC?

Hi all,

I am wondering if it is possible to set up a Palo Alto firewall to act as a Session Border Controller for VoIP.

Any articles or company response regarding this capability would be appreciated.

Thanks!

Captive Portal has stopped working?

5.0.11 - we've had Captive Portal in place for months using a Kerberos authentication profile - nothing has been changed.

All of a sudden people aren't seeing the normal Captive Portal page (with the credential boxes in the middle of the screen) they'

HA in VWire and path monitoring

We have an environment (HA active passive in VWire mode) in which the PA is sitting directly connected to an SRX FW in HA.

What we agreed that both of the PA and the SRX should be:

• Link up on the passive device
• Disable failover on link down
• Failove