General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 497 Views
  • 0 replies
  • 0 Likes

Wildfire Depth

The first question I have is how many layers will the file blocking inspect? For example, a zip in a zip has an exe that is malicious. If the PA doesn't inspect that far down wouldn't I be able to get through the firewall inspection?

If the above is t

...

das by Not applicable
  • 2743 Views
  • 2 replies
  • 0 Likes

Issues getting ip-user mapping with probing error

Hello,

I've got UI agent 4.1.6 configured on PanOS 4.1.9.

We have around 3000 users and in agent we see only around 700 user-mapping count.

in the logs we get the below error for a lot of IPs and i guess that's why we dont get all users. I've tried to d

...

vinesh by L2 Linker
  • 5033 Views
  • 3 replies
  • 0 Likes

miniduke

I got the question from de security dept, to investigate miniduke.

This was is detected by kaspersky labs, as an exploit of an Adobe flaw CVE-2013-6040

I dont' find anything on PaloAlto about miniduke , or CVE-2013-6040

LucVdb by Not applicable
  • 1720 Views
  • 1 replies
  • 0 Likes

Report on attempts to access unsuitable content

Hi All

I have been tasked with creating a report that shows if a user has attempted to access or find a way of accessing unsuitable content.

While I can obviously run a report on pages that have been blocked by the filtering system we want to see any

...

Resolved! Eicar and Palo Alto threat-db

First a question:

Where and how can I see what is the default action for a particular threat, vuln or spyware threatid?

Preferly from within the box itself...

And now for an observation:

I tried searching for eicar in the threat vault and obviously there

...

mikand by L6 Presenter
  • 4127 Views
  • 4 replies
  • 0 Likes

Resolved! Getting an application definition modified?

Folks.

I have run into an issue with the way a specific application passes the firewall, and I need to put in a request to Palo Alto to have it modified.

The application is Subversion, and when I set the firewall to allow only "application default" ser

...

darren_g by L4 Transporter
  • 4291 Views
  • 5 replies
  • 0 Likes

URL Filtering - Continue Action on Terminal Server

Hi,

I have a customer who has deployed a PA-2020 with 3 Terminal Server agents at this seems to be operating well with one exception.

They have configured a URL filtering policy that has a Continue action on a number of categories.

When a standard LAN u

...

Resolved! SSL Decryption on Apps.

Outside of SSH and SSL applications can anyone if there is a lookup in applipedia to tell whether the SSL decode applies to an application?

amansour by L4 Transporter
  • 1829 Views
  • 1 replies
  • 0 Likes

Is there a reason to hide hotfixes in Software Update?

I was curious to know if there was some prevailing notion as to why PA would keep the hotfixes hidden or at least not readily available from the Software section of the firewall itself.

It is displayed where deployment without the hotfix is a very bad

...

Palo Alto Vmware image

Hi,

I am planning to replace my company's firewalls with Palo alto instead of Checkpoint however I need try it out in a lab or something before I provide further information to my management team, Is there a way I can get a vmware image to try it out

...

Krishna by Not applicable
  • 2944 Views
  • 3 replies
  • 0 Likes

Resolved! 5.0.2 upgrade question

I want to upgrade from 4.1.7 to 5.0.2, I am currently running Global Protect v1.1.6.. and pan agent user-id agent v4.1.4-3.  Can I perform the upgrade without updating the GP client and user-id agents?

rrau by L3 Networker
  • 2514 Views
  • 2 replies
  • 0 Likes

BGP Dampening Profiles

All,

Does anyone know the CLI command to use to view the dampening profiles status on flapping routes?  There looks like a way to clear the status with clear counters bgp ... but I cannot find the available show command.

Thanks in advance,

Jason

  • 24092 Posts
  • 116 Subscriptions
Labels