application vs url categories dependencies

I want to allow access to Twitter, but block all other social-networking services.

The obvious approach is to allow the Twitter application and then have a rule blocking the social-networking category for web-browsing and ssl, but this doesn't work, T

Need help. Is PAN a forward proxy?

Hi All,

I am confuse if Palo Alto is a forward proxy? Can PAN protect forward proxy server?

Google Docs Phishing Issues

So I dont know if its just us but we are getting hammered with phishing requests to google docs web sites. The latest is:

https://docs.google.com/a/smps.k12.ok.us/spreadsheet/viewform?formkey=dGdKTFpTcW5KVVF1UGxJTFJ0aF9UdHc6MQ

My URL Filter wont block

PA 5050 Shadow Rule Error

Hi all,

I am configuring PA 5050 and populationg the security policy rule base. While i am making ule bases , and during commit , i am geting the error message that the Rule3 (suppose rule 3 ) is shadowning Rule 4 in the sequence. I am getting this e

User ID agent / User-IP-Mapping issue

Hello,

I have simple request: created access rule based by group.(and this part looks clear and working to me). Problem that i can make User-IP mapping to work correctly. With desktops i do not see any issues because their users do not change mostly a

PA-2050 commit frustration

Hello,

We have 2x PA-2050 devices in HA running 3.1.10 and I'm frustrating about commit time, it takes like 5-10 min.

Can I expect significant improvement, commit time speaking, with upgrade to 4.1.5 ?

Field experiences in commit time with 4.1.5 ?

Or sho

Monitor throughput of dataplane using snmp

Hi all

is there a way to monitor the throughput of the dataplane?  I would like to turn on threat protection on my Palo's but I need to be able to log the throughput so I can see the effect it has.  I am monitoring the Dataplane CPU but would like to

Block a particular Google Document

Greetings,

One of my users forwarded me a phishing email that points to Google Docs to collect information (username/password). The URL looks like:  "https://docs.google.com/a/b/c/viewform?formkey=asdfasdfasdfasdf" (not the real url). Is there a way t

QoS Markings

I have a couple pa-500's. I have a voip system that right now sits in front of the FW. I would like to put it behind the FW. If I have my switches and routers currently marking the voip traffic with an ip precedence of 5. Once I move the VOIP systme

question about packet dump about incomplete, insufficient-data and insufficient-data

Hi...

I’d like to a packet dump about incomplete, not-applicable, insufficient-data.

I tried to set a packet dump command like below.

Set application dump on application incomplete

Set application dump on application not-applicable.

Set application dump