LDAPS TCP-636 shows as SSL

Im creating a rule base to limit port access to a Domain Controller in a DMZ. I want to allow TCP/636 (or LDAPS) to this server as well as a group of other applications.

The only problem is that there is no LDAPS application defined. The application L

Next Generation Performance Testing for NGFWs

I found this video last day which might be interresting for some of you:

http://www.youtube.com/watch?v=yxdJNK2YAQU

"

Next Generation Performance Testing for NGFWs

Published on Mar 27, 2013

In this video, Jerish Parapurath, Sr. Technical Marketing Manage

Tftp brightcloud databese issue

Hi,

We tried to upgrade brightcloud version using seed file on support with tftp.

After sending file successfully, when try to install it gives an error like :

Error decrypting BrightCloud database: This image doesn't meet authentication requirements.

IPS Evasion

So are the techniques used in the following article realistic?

http://www.sans.org/reading_room/whitepapers/intrusion/beating-ips_34137

Palo Alto's PAN-OS 5.0 made it a bit harder, compared to the others at least.

Dns Proxy

Hi,

is there a document for configuring Dns proxy function with detailed explanation about properties in it.

Thanks

What's meaning that first two number in Email Report??

Dear All,

Have anyone know?

When I receive Email Report, like above. The file name is 10-20130315Weekly-summary-report  ,

What is meaning about 10 this number??

(Everyday 's report have different number, but I still not known what is mean??)

Best Regards

If the PAN's in HA are perimeter FW's and IPS's how do you configure for Internal IPS Monitoring?

If the PAN's in HA are perimeter FW's and IPS's how do you configure for Internal IPS Monitoring?

We'd like to be able to see internal IPS threats to our server farms sourced from workstations on the LAN's.

Is this scenario achievable with two HA PAN's

Which CLI modes can be granted to a URL Filtering Profile Administrator without granting full CLI roles?

Which CLI modes can be granted to a URL Filtering Administrator without granting full CLI Admin roles?

We want to be able to see which URL Filter profile group a user is in using the CLI commands for showing group membership.

We would also want to be a

Block traffic to ip addresses

How do you block traffic going directly to ip addresses?

Another bug for 5.0.3

When using port with address of External Gateway on Global protect, 5.0.3 does not accept this.

it is working on 5.0.2

Does PAN support SAML redirect for SSL VPN Auth? Or possibly x.509 redirect?

I'm looking to use a 3rd party product for SSL VPN authentication such as the Secure Auth for 2 factor.  Has anyone gotten this to work with the Palo Alto device?  It works with an ASA and a Juniper SA.

Best way to update app and content without impacting traffic...?

Hello All,

I am posing this as a question to the community, but in the latest release of app/content updates for PA, a new more focused signature was released.  The new more focused signature was ms-wmi, and it was previously identified as msrpc.

So...