zip file blocking is also blocking docx files

The organization policy is to block ZIP file types.

We are having problems with docx file type which they are a ZIP file but in the file blocking profile I can see Paloalto should know how to recognize docx files but we still get drops

i would like to

File Types and Md5 Hashes

I write SIEM content (Mostly Arcsight and Q1), I have found PAN to be very effective in identifying adverse traffic. One thing that would be great, that in addition to recognizing the file type such as "file Microsoft PE File(52060)" which is useful

Another PA bypass

Found this one recently:

http://www.what2code.net/?p=150

http://www.youtube.com/watch?v=wPHeAkv8BaE

Where dns is being used to tunnel ssh traffic through and of course there will be ways to bypass things but how is/will PA address this latest finding?

(a

Ignore_user_list

Hello,

I'm using PAN Agent 3.1.2 on WIN2008 server and somethimes after restart the Ignore_user_list seams to be ignored )user on the lista are still identified by the PAN firewall).

Does someone had this problem ? there is way to have an alert or log

Security policies did not take effect after Sleep Mode

Hi,

Just like to find out if there is a known  issue with Palo Alto and Windows 8 for direct internet policy.  Currently, we have defined a policy in PA to allow AD user to connect to internet.  However, based on my observation, once my notebook goes

Operation Failed: Invalid Sequence

Hello,

I recently upgraded to Panorama 5.1.0 (I know, I'm a glutton for punishment!) and am experiencing an issue when attempting to add items to an application group. We've tested this with several workstations and both IE and Chrome and each result

In HA, Pasive firewall sent the traps and CACTI shows data, Active send nothing

Hello everybody

I have 2 PA-2050 with PanOS 4.0.11 configured with HA. The traps are sent by the Pasive Firewall not the Active, also source IP of the trap belongs to Pasive not by the shared management IP.I just checked the managemtn Profile and SNMP

DHCP issue in vwire

Hi all,

Having a really simple archie with two ports in vwire (Allow all vlan and multicast on it), create a rule "trust to untrust allow all".

Issue is for dhcp request, I have to create a rule allowing dhcp answer from untrust to trust ....

In my mind

Need help for HA Active/Active configuration with two ISPs with IPs in different subnets.

Hi All,

In below scenario firewall external interfaces of both firewall has configured with IPs in the same subnet (topology 1)what if configured with the different IPs for different ISPs (topology 2).

Kindly consider the above query all the HA Active

Is it possible to block method POST in any website?

    Hi guys,

               Our company don't want employee to post anything on internet so we're trying to create custom application that block method POST on http-request-message. But when we're trying to write a pattern. It's always pop up an alert

Global Protect Portal/Gateway Certificate Issue

Hi,

Just recently after upgrading to Global Protect Version 1.2.4 we started getting error messages on our external users laptops that there was an " CN Mismatch Name" but continuing still allowed them to connect..

After determing it was a Common Name