Last i heard it was going to be released end of June...
The other day we discovered that our SMTP server was unable to send email to the silvacom.com domain.The problem was traced to our PAN rule which allows only SMTP traffic to eminate from our email server, on the application-default port. All attempts to deliver email to this domain, however, were being seen by the PAN as FTP traffic on TCP port ...
Hi,my questions deals with the application detection. As far as I know the heuristic engine is the last possibility after application signature and decoders weren't successful.But does anybody know how much traffic (bytes or packets) will/can run through a PAN before the heuristic engine gives and the application is set to "unknown"?Many thanks,...
Hello,So I have tested SSL decryption today, and I made it work. But for some reason some of the webpages that are being decrypted are extremely slow. Facebook and even support.paloaltonetworks.com are two of them.I exported a CA certificate from our AD and imported it into the PA as described in a document I found on the knowledgebase.Look at t...
Hi,I have a few questions about how the user-id works that I have been unable to solve.We are currently rolling out a lot of virtual systems to our customers in a MSSP environment and as you can imagine coming across some strange server setups. This has resulted in some strange behaviour with user-id setups.I am trying to work out how user-id b...
In browsing through the default actions for vulnerabilities, spyware and AV I see that the a lot of the actions for HIGH and CRITICAL severity events is just Alert. I expected a lot more blocking, dropping, and resetting. (half of High and >10% of Critical Vulnerabilities and the vast majority of High and Critical anti-spyware are Alert on...
HiI have a simple L3 setup.E1/1 connected to a router (default gateway to the internet). IP 192.168.119.2, untagged Zone VLAN1E1/2.2 connected to a switch (VLAN 2 tagged). IP 10.2.2.1 (default gateway for the 10.2.2.0/24 network), Zone VLAN2I have a default allow all rule, no nat (VLAN2 to VLAN1)A ping from 10.2.2.51 to 8.8.8.8 doesn't work, so ...
HiI have a host which I can access without password with ssh by public key.This works fine, but as soon as the traffic goes over a PAN (500), I get asked for the password.Is the PA500 doing anything special here that I'm not aware of?Thanks
Is there a way to disable SSL renegotiation at firewall level ?Disabling it server side ( Microsoft Security Advisory: Vulnerability in TLS/SSL could allow spoofing ) breaks activeSync. I'd like to test a different scenario to get rid of the many false positives we get for the SSL Renegotiation Denial of Service Vulnerability.
Hello All,Maybe it's there, in a doc, but I cannot find it...Suppose I have tiered architecture.And suppose developer breaks his code and want's to connect to other security zone or to the outside world buth should not, and I want his application to know it immidiatelly by getting tcp reset.Right now I catch myself debugging for several hours ro...
We are sometimes getting a block page when accessing brightcloud.com to report a site. The category returned is 'malware-sites'. The logs show that 'service.brightcloud.com' is correct, but 'brightcloud.com/support/lookup.php' and 'brightcloud.com/support/border-radius.htc' are URL blocked as 'malware-sites'.
Let me start by giving the traditional, ive rtfm, this forum wont let me search it and ive tried hard to find it myself.I need one simple thing. How much load is on my FW and whats the load been historically? Where the heck can I find this? All I can find is the 'resource information' widget on the dashboard page.thanks!
What dose that error mean?Im trying to get a simple certificate from an w2k8 server CA to use in the Global Protect.The Secure WebGui certificate works fine.Thx in adavanced.
Hi guys,the vulnerability protection is a really nice feature of the PA.If the PA is able to take a look at the trafficthis should work fine.But how does it work if the webserver in the dmz only accepts https connections ? So the possible attacker connects with https to the webserver.I guess i need to terminate the ssl tunnel at the pa to be abl...
HelloI try to do some traffic shapping for a server to control the traffic used by this server over internet, generally this was easy done over our old netscreen/juniper FWswhen i tried to figure it out over our PA 2020, i passed throught a not that the shaping is done only over egress port of the FW.and there are a document here that explain so...
| Subject | Likes |
|---|---|
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes |
