Office 365 App Detection

Hi,

I was wondering if there are any plans or a method how to detect Office 365 traffic?

We have no URL scanning license on the box, so we depend on the App detection method.

Because all traffic is a SSL connection, PaloAlto reports the traffic as gene

No IP addresses on HA interfaces

Hi all,

I'm working for a new company building out several new data centers. They got a jump on getting things up and running before hiring their own resource and had a consultant setup a couple of pairs of PA-2050s. They are active/passive. The consu

commit is always there

I have noticed that whenever I log into my firewall now the commit option is always available.  I haven't made changes yet I can click commit.  Whats up with that? I would expect it to be grayed out like right after I do the commit.

Dropbox - allow web app but block client?

Our IT department has decided to allow Dropbox, but only the web interface. Installed client traffic should still be blocked.

Since the only identified app in Palo Alto is dropbox, we cannot block that app.

Is there any suggestion on how can I do this?

Vulnerability Protection - BlockIP

I have configured a vulnerability protection profile to blacklist the ip addresses of attackers for all brute force login attempts with the signatures provided in the threat database.  The profile works very well.  However, i would now like to see th

Can I advertise a static route via OSPF?

I have OSPF working for subnets to which I'm directly connected.  I have a static route to another subnet to which I'm not directly connected.  Can I advertise this route via OSPF?  If so, how?

Updated custom response page doesn't show

Hi all

First post, better behave I've been fiddling around with the antivirus block page on our PA5050-boxes with panos 4.1.4 but for some reason the page I upload to the boxes won't show. It did change once (uncertain why), but if I now try to eithe

User-ID Agent odd outbound traffic patterns

All,

We've noticed some strange traffic patterns coming from our Agent boxes and am curious why, and if others are seeing something similar... ?

Looking in our Monitoring logs I see our two Agents sending data to:

14.1.1.19

14.2.1.19

14.2.1.1

Via SMB ports

Negative experience from PA/PAN?

Of course there are no such thing as bugfree soft/hardware (perhaps with the exeption for that kernel which Gernot Heiser at Open Kernel Labs is involved in (http://www.etn.se/images/expert/Gernot_Heiser_OK_Labs.pdf) which is mathematical proven to b

Skype requires 'unknown-tcp'

Why is 'unknown-tcp' an application dependency of Skype,  is it possible to remove a dependency from a pre-defined application.   Or do we have to setup an application overide?

I don't really want to allow unknown-tcp 'apps' just to allow someone to u

DHCP Relay not returning address from MS AD DHCP Server

We setup a DHCP relay to a MS 2008R2 DHCP server, server recieves the relay and passes a client address back to PA 2050 running 4.1.3, the address does not get passed through to client, logs show only thr DHCP request going out but nothing back, no b

Possible solution to slow commit

Hi, regarding of the desperately slow commits in PA specially with a large number of rules and object. From our experiencie in other systems the rule shadow check is a very high CPU feature. It's sure that PA do a rule shadow and this it's in concord

The people complain about slow commit

Whenever we make a PoC, Everybody complains about slow commit.

As far as I know, the traffic is not effected during the commit.

But people request faster commit

First, How can we explain slow commit to people technically.

Secondly, Is there any plan to