General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Traffic on untrust interface - problem

I have a problem. I have 8Mb internet connections some of my servers are directly connected to internet (I have a switch connected to servers and PA200).

Every day throught untrust interface are made backups of this servers. So the traffic on untrust

...

Resolved! Guidance in setting up ssl decryption - cert management

I am trying to get this setup for a customer and this is my first time setting up ssl decryption. The customer has SBS2011 so they do have AD CA. I created a domain cert for the PA and exported the root cert. I imported both of these into the PAN fir

...

Resolved! Minimal Hardware requeriments for User ID Agent

Hi,

Someone knows a minimum requirements for installation of the user-id Agent?

Greetings.

--Marco

Best Practices for Application Policies?

I was wondering if there is a best practices document for setting up a policy to control particular applications. I've already dug through the Skype tech document which tells to enable unknown applications. Are there any other applications that work

...

SMB Fragment Packet Found(32332)

Hi,

Anyone have experience of this firing off continuously for 'normal' LAN traffic (deffo not being used as an evasion technique) since the signature was modified (v337)?

Cheers

VMWare series firewall

Just noticed a section of he help file for PANOS 5 which mentions a virtual firewall series from Palo Alto. Sure am interested in some more info....

Bob

Yahoo Toolbar uses port 443. The application database on the PAN only looks for port 80.

Hi, I noticed my PAN is blocking connections from my client computers to the yahoo toolbar over port 443. After looking around in the database I noticed that it's only looking for this app to use port 80. Is there a way for me to add port 443 to this

...

Resolved! Problem with multiple Netflow profiles

Hello,

I encounter a problem using multiple netflow profiles on our PA-500 running PAN-OS 4.1.8

I have defined 3 different neflow profiles, each refers to a specific port on the same host.

Each profile is assigned to exactly one physical layser 3 interf

...

Block page and SSL

Hey all,

So, we have a need to block everyone but a small AD group access to a couple pages. Now, we don't want to just "deny" them in the rule (we have a comfort page that promps them they are blocked and allows them to request access) - I don't wan

...

Resolved! What is hidden locally on a device when being managed by Panorama?

When you configure a PA device to be managed by Panorama the first thing that (when you login through web-gui directly to the managed device) goes away is the contents of running-config.xml regarding address objects and security policies.

These settin

...

Resolved! Application = insufficient-data?

We have some outgoing UDP traffic that shows up in the traffic log with "insufficient-data" in the application field. The problem is that this traffic is being allowed through the firewall because it's being matched to a rule that allows FTP traffic

...

Some of traffic logs are not converted,is it a bug ?

When upgrading from PAN-OS 4.0.9 to 4.1.7, some of traffic logs are not converted from the old logs.
It seems like the logs of about one hour before upgrading are unavailable. I am using PA-2050 and PA-5020.

Alternative to sAMAccountname ,when using Ldap for Authentication

Hi,

When we use to authenticate users through AD, we configure LDAP profile and in Authentication profile tab.

We write "sAMAccountname" for attribute at this window.We want to change this attribute and we want users not to log in with just username; W

...

Resolved! Panorama license limit

Does anyone know if a customer owns a Panorama 25 device license and wants to add device #26, will it not allow them to add the 26th device or will it?

Thx

Threat exception for selected hosts

Hi,

We have defined vulnerability group which consists of AV, Anti-Spyware and Vulnerability profile. The vulnerability profile is configured to block critical events and alert on high and med. I have a need to except few hosts which are alerting for

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Traffic on untrust interface - problem

Resolved! Guidance in setting up ssl decryption - cert management

Resolved! Minimal Hardware requeriments for User ID Agent

Best Practices for Application Policies?

SMB Fragment Packet Found(32332)

VMWare series firewall

Yahoo Toolbar uses port 443. The application database on the PAN only looks for port 80.

Resolved! Problem with multiple Netflow profiles

Block page and SSL

Resolved! What is hidden locally on a device when being managed by Panorama?

Resolved! Application = insufficient-data?

Some of traffic logs are not converted,is it a bug ?

Alternative to sAMAccountname ,when using Ldap for Authentication

Resolved! Panorama license limit

Threat exception for selected hosts

TCP fast open and Palo Alto

FW Ha Cluster disconnected from Panorama

maximum number of bgp routes for VM-series

Flexible vCPU VM Firewall interfaces are down

Management and Dataplane on Vsys

Re: GlobalProtect 6.3.3

Re: Flexible vCPU VM Firewall interfaces are down

Re: Data center providing dual ports already in VRRP - my topology?

Re: PAN-OS Release Frequency

Re: Alerts for dynamic updates

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! Guidance in setting up ssl decryption - cert management

Resolved! Minimal Hardware requeriments for User ID Agent

Resolved! Problem with multiple Netflow profiles

Resolved! What is hidden locally on a device when being managed by Panorama?

Resolved! Application = insufficient-data?

Resolved! Panorama license limit