Dynamic update internal firewall
Hi all,
We have an internal firewall that does not have no Internet access. I wonder what is the best way and best practice in updating the IPS / AV signature (no URL filtering).
Any recommendation?
Thanks
Hi all,
We have an internal firewall that does not have no Internet access. I wonder what is the best way and best practice in updating the IPS / AV signature (no URL filtering).
Any recommendation?
Thanks
Is it possible to configure remote vpn client access without a Global Protect Gateway license? It seems that remote client vpn configuration depends on HIP Objects/ Profiles, which in-turn requires Global Protect licensing. Is there a way to configur
...
Hello all,
I have a (working) Global Protect Portal+Gateway envrionment. I am now trying to setup a gateway in a second datacenter. I have setup the same GP-cert and Client-Cert, cert_Profile and GP Gateway settings. The gateway works, when setting a
...
There has Dynamic Block Lists to block unwanted IPs.
And there has DNS signature in Anti Spyware profile.
Above are all helpful to block malicious sites.
And if I found a bad dns query, is there any way to create custom dns block lists?
(Think I know the answer to this already but...)
Panorama 4.1.14
We have a NAS that I would like to push automated exports to from Panorama. I would like to ftp export to a specific path (we don't use user Home paths) but can't seem to do it. Only the
...
I was hoping not to have to edit each rule separately. Does anyone know a way to do this?
We are seeing issues with Google ssl traffic being identified as Ultrasurf. Problem went away when we backed out the update (which included updates to the ultrasurf application definition). Ticket is into Support. May want to avoid updating to 396
...
Hey guys,
Anyone has had this issue with GP?
The PanGP virtual NIC is making a "connection verification" for "ages" and nothing happens.
I have made a workaround to solve this problem but would like to know what is the reason for it.
Of 100 clients, I ha
...
In our company we have two internet browsing profiles.
Users who belong to the AD Domain users have limited access to internet and users AD group belongs to UsuariosInternet can access anywhere.
My AD user is canopr and I have internet access from my P
Anyone else getting this ? Obviously a false positive. I have to say the URL filtering database leaves a lot to be desired.
Hi All,
is it possible to exclude traffic and threat log from exporting to syslog server ?
Just i want to forward only system and configuration logs to syslog server instead of sending all the logs.
Thank you
Gururaj
Hi all,
We have recently migrated from Juniper to Palo Alto firewall and there are numerous firewall rules that are obsolete and potentially a security risk to me. I tried to use "highlight unused rules" button but it does not seem consistent to me. A
...
Hi All,
In our AD user names are in alphanumeric eg: che121, che122 , che124 it is very difficult to identify the exact user. In this case is it possible to fetch the account name instead of user login name. Because account name is the real name of th
...
Hi all,
I have some experience with PAN firewalls and I have found a new challenge (the new challenges never stop...).
We are going to integrate some offices with the "Blue Coat Cloud Service". This integration requires to build a ipsec vpn with the B
...
Hello, Guys, I have one question.
First below is the packet flow from "Packet Flow.pdf" document. According to this document ...
In the red square, before PA make session table, it checks packet's ip and port (like the legacy L4 firewall), and then aft
...Subject | Likes |
---|---|
5 Likes | |
4 Likes | |
3 Likes | |
3 Likes | |
3 Likes |
User | Likes Count |
---|---|
11 | |
7 | |
7 | |
5 | |
5 |