General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

machine authentication

hello!

we have a need to identify user machines associated with a domain. specifically, we want to create security policies based upon domain membership. is that even possible, and how would we achieve this functionality?

thnx!

YouTube mobile app

We have YouTube blocked for some users, but it appears they can still play videos via the mobile app version of YouTube (both Android and IOS)

Testing this myself I find that blocking is intermittent and if you hit play a few times the video eventuall

...

Resolved! SSL Decryption Whitelisting

So, I have just implemented SSL Decryption in our environment and we hit a website that appears to not work properly because of it. (It's sap.com, click on the login link in the upper right.) We don't see any errors in the firewall but the login prom

...

GP-100 MDM Question

Mobile install globalProtect,,but join MDM device need to register,,

register after,,

If you want to cancel the registration, and can be set to be key password ?

Best & Regards

Brian

Eval question

Given a flow and properly written policy to allow Facebook and its myriad apps/widgets on port 80/443, other than the admin management overhead (i.e., having to open ports 80 and 443), how is what Palo Alto does different from what Checkpoint does?

Th

...

derasa by L0 Member
  • 1584 Views
  • 1 replies
  • 0 Likes

AD WMI overload issue

Hello,

Configuration on my Palo Alto is causing AD to overload and crash because of the WMI query load. When i checked AD for the logs, i saw that its getting the logs in UTC timezone. This is causing an issue because im in GMT+3 timezone. I also have

...

What is the default syslog format in PanOS 5.x?

For all the various log types (config, system, threat, traffic, HIP) what is the default syslog format?

All the fields are available to edit in when creating a custom log, but it would be useful to have the default format defined for reference.

bds by L0 Member
  • 2065 Views
  • 1 replies
  • 0 Likes

external captive portal

I'm thinking about trying something a little out of the square with user-id and captive portal. Let me start with the context and business goal:

  • The PAN is deployed as a data centre firewall.
  • I'd like to use some policies that permit clients access to
...

Global Protect 2-factor Auth & User-ID Mapping

Hi All,

I'm migrating from ASA to Palo Alto including user VPN access (AnyConnect).  The setup will be 2 factor authentication with LDAP/Kerberos (not sure which yet) for the portal and OTP via RADIUS for the gateway.

The current setup allows access li

...

Resolved! Deepnet 2-factor Authentication

Hi Everyone,

I have a client that is migrating to Palo Alto firewalls.  I'll be implementing Global Protect SSL VPN replacing the existing Cisco Anyconnect.

The client utilizes DeepNet 2-factor authentication for SSL VPN.  I was wondering if anyone had

...

Resolved! Creating application groups

Is there a way to create an application group that will dynamically add applications as they are updated?

For example, I want to create a P2P application group that gets denied. Can I create a filter that says any application that is classified as P2P

...

RFalconer by L3 Networker
  • 1975 Views
  • 2 replies
  • 0 Likes

Eval question

Given a flow and properly written policy to allow Facebook and its myriad apps/widgets on port 80/443, other than the admin management overhead (i.e., having to open ports 80 and 443), how is what Palo Alto does different from what Checkpoint does?

Th

...

derasa by L0 Member
  • 1578 Views
  • 1 replies
  • 0 Likes
  • 24191 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels