Threshold block

I want to block access to the users only if they watch youtube and the bandwidth consumed is more than 500 Mb.

Is this possible. Can this be done.

Need advice whitelisting external network vuln mgmt scanners

Curious what other PAN companies are doing for this? What best practices around whitelisting your own Vuln mgmt internal and external scanners? When we asked PAN support, they recommended adding a new security policy to top, but that's not scalable b

Panorama Virtual Appliance

We're getting ready to migrate from CP to PAN. We have a lic for the Panorma Virtual Appliance. Looking at the doc; 10 or less firewalls is recommended, we have bit more. Has anyone experienced this? Documentation doesn't say why, leaves me wondering

Use of Web Content Filtering for WAN VPN connected PCs?

What would be the best way to go about using the content filtering if possible through the Palo device through PCs that are connected via WAN VPN connections?   The current WAN connection is a split tunnel using a Cradlepoint router.   Is there a way

Firefox SSL decryption issue

We've had PAN kit for the best part of a year and use it for SSL decryption among other things. 

The SSL certs were generated via a CA on our domain. IE, and Chrome work transparently, firefox used to. I know get a "This Connection is Untrusted" page

Custom signature needed to detect "invalid username" response to a brute force login attempt (is it possible?)

Hi,

I'm new to Palo Alto and custom threat signatures. I'm trying to detect invalid login attempts to a web site and apply a time rate. When the user enters an invalid username in the login, the site returns the text "invalid username". Which context

May I set the same ip in different interface between two virtual system？

I  set ip address 192.168.1.254/24 in the ethernet1 which belong default router in the vsvy1.

I try to set the same ip address in the ethernet2 which belong another VR in the vsvy2.

When I commit, it will display duplicate address.

I just do some lab ab

Can't dectec Viber ( Android Phone)

Hi all

I user Viber, Kakatalk, Skype on my Android Phone.

I sent text msg, voice call bay Viber, Skype, Kakaotalk.

But Palo Alto only dectect Skype and Kakao talk

I can't see Viber on Palo Alto?

Pls help me know why.

Problem with domain users to log in Palo Alto's Portal

HI all. I have the problem with domain users to log in Palo Alto's Portal. I configured as document: Admin Guide v5.0 already. However, It doesn't work correctly, domain account cannot log in. Please support me to fix this problem. Thanks

Trust to DMZ (Zone to Zone) Security Policy Failure...

If an expert could please take a look at a test DMZ zone I'm trying to configure on a PA-500 with OS 5.0.8 and tell me where I've gone wrong I'd appreciate it!

I realize it's wide open at the moment, but it's just for personal testing/understanding pu

Rules proccessing

Hey

i have a problem that traffic does not match to a rule

i have this rule

"VIP Users" {

                  profile-setting {

                    profiles {

                      file-blocking "Allowed file type-VIP";

                    }

PA500-Losing Config on reboot.

Hi Guys,

Have an issue with a pa-500 firewall running 5.11 os. There are 2 problems:

1. The system seems to reload every week or so which in itself is bad enough,  but when it reloads it is backnto default config.

2. A slightly lesser issue is that the