General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Upgrade to PANOS 6.0.0

Have anyone upgrade PANOS to 6.0.0 already ? any problems ?

I wonder why version 6.0.0 release date (01/19/2014) is older 5.0.11 (01/29/2014).

Regards,

Restricting users to Internet only

How can I restrict a certain group (ip range\VLAN) to internet only access.? I don't want them to get to internal network shares with unfamiliar devices. We use Aruba Clear pass to authenticate and assign IPs and the PA 500 sits on the parameter. I

...

Resolved! We had a vendor run a vulnerability report I was hoping someone could decipher for me?

Not sure what this means and how to alleviate it? The firewall is running 4.1.13.

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability

Synopsis : It may be possible to obtain sensitive information from the remote h

...

Resolved! Application Still showing up after removal from Security Rule

I recently added the ms-lync-online app to a rule in my PA-500. We decided we didn't need it and removed it. After a month of commits and saves that app is still showing up in the commit window summary and asking for a required app with it. I have

...

GlobalProtect Host State Does Not Detect Antivirus

I have a support ticket open about this as well, but I was wondering if anyone has encountered an issue where GlobalPortect does not detect the antivirus installed on your computer for HIP checks to work and know of a fix for it? I have the latest ve

...

Resolved! Not switch url-filtering vendor from brightcloud to pan-db in panos 6.0.0

Hello

I tried to switch url-filtering vendor from brightcould to pan-db in panos 6.0.0 for test.

But it was not switched with the following error message.

I tried that fw reboot. but it was not still switched with same error message.

Please let me know r

...

How to increase amount of log data removed by database purge

I currently have a very large number of "Current size of threat log database exceeds alarm threshold."

On occasion I do see that logging stops at some point during the day and then resumes after the nightly database purge occurs.

I would like for the n

...

How to Fix High CPU Usage on Palo Alto PAN-2020

Hello,

We use this FW as proxy, we have PaloAlto1 and PaloAlto2 it's cluster how can I troubleshoot this issue.

Thank's you

Best regards,

How to block .enc file types

In light of the recent security announcement regarding GameOver Zeus, does anyone know how to block .enc type files under FileBlocking?

NTP attacks - threshold-based blocks?

Our campus has been getting a lot of NTP DDoS attacks of late. While the simple solution would be to shut it down except for necessary systems, the problem (as per usual in public-sector) is that everyone seems to want to run something that uses it

...

Resolved! activ/passiv-cluster police in sync but different rule handling

Hi everyone,

some trouble if i turn the activ one to the passiv and vice versa. the policy was syncronized but the result was different.

Same rule and same source / destination and same App (ssh). in the unsuccessful log i can't either see session- id

...

Dynamic updates ERROR after updated 6.0.0. Why? HELP

HI

I updated yesterday software from 5.0.10 to 6.0.0

But after such an error occurred

Before that everything was normal

But after such an error occurred

many reboots, many check updates but the error is still

WHY HOW TO FIX HELP

Resolved! Wildfire in Dynamic Update

Hello~

Since PAN OS 5.0.x more We can download wildfire signatures in dynamic update

but I don't know understand about Minutes Pass Hour

Is it same the other AV, Content threshold (hours)?

Community Expert Verified

Resolved! Where is SSL processing done - data plane or management plane?

Bit of a curly one which I'm not sure of the answer on.

We're hitting our PA2020's pretty hard in the SSL VPN department (now hitting up to 50 or 60 clients at a time), a reasonably recent ramp-up owing to some business expansion - also have several I

...

DoS applictation attack to DNS server - how to prevent, and how to create report showing IP addressess with the highest number of session (not bytes) opened to it

From time to time I observe a lots of DNS queries (not UDP floods) from Internet to my DNS servers. Unfortunately those queries have negative inpact to my old firewall (it can't establish so many sessions, which makes the network stops).

Probably my D

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Upgrade to PANOS 6.0.0

Restricting users to Internet only

Resolved! We had a vendor run a vulnerability report I was hoping someone could decipher for me?

Resolved! Application Still showing up after removal from Security Rule

GlobalProtect Host State Does Not Detect Antivirus

Resolved! Not switch url-filtering vendor from brightcloud to pan-db in panos 6.0.0

How to increase amount of log data removed by database purge

How to Fix High CPU Usage on Palo Alto PAN-2020

How to block .enc file types

NTP attacks - threshold-based blocks?

Resolved! activ/passiv-cluster police in sync but different rule handling

Dynamic updates ERROR after updated 6.0.0. Why? HELP

Resolved! Wildfire in Dynamic Update

Resolved! Where is SSL processing done - data plane or management plane?

DoS applictation attack to DNS server - how to prevent, and how to create report showing IP addressess with the highest number of session (not bytes) opened to it

FW Ha Cluster disconnected from Panorama

maximum number of bgp routes for VM-series

Flexible vCPU VM Firewall interfaces are down

Management and Dataplane on Vsys

Site flagged as GRAYWARE (PLEASE HELP!!!)

Re: Flexible vCPU VM Firewall interfaces are down

Re: Data center providing dual ports already in VRRP - my topology?

Re: PAN-OS Release Frequency

Re: Alerts for dynamic updates

Bug Search Tool (New Feature & UI)

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! We had a vendor run a vulnerability report I was hoping someone could decipher for me?

Resolved! Application Still showing up after removal from Security Rule

Resolved! Not switch url-filtering vendor from brightcloud to pan-db in panos 6.0.0

Resolved! activ/passiv-cluster police in sync but different rule handling

Resolved! Wildfire in Dynamic Update

Resolved! Where is SSL processing done - data plane or management plane?