General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 436 Views
  • 0 replies
  • 2 Likes

Resolved! Advice on upgrading HA pair

I have read the couple of docs regarding the upgrading oh HA pairs, but I was more interested in actual user experience with the process.  Does anyone have any sage advice for me as I plan my own upgrade event?  I will be taking my PA500's from 3.1.6

...

Resolved! Password encryption when using RADIUS

I have looked through the RADIUS configuration guide located at https://live.paloaltonetworks.com/docs/DOC-1701, and I was wondering about the requirement to enable unencrypted PAP authentication.  We are subject to PCI Data Security Standards compli

...

abelgard by L1 Bithead
  • 3208 Views
  • 2 replies
  • 0 Likes

Resolved! Unknown Virus

Hi all,  I came across this "virus" alerts on PAN-OS 4.01. What does that mean ? There is no info available for these ID's....

gafrol by L4 Transporter
  • 9370 Views
  • 8 replies
  • 0 Likes

Resolved! Security policy using group in negate form

Hi,

is it possible to create a security policy with user/group with NOT form?

for example :  LAN => WAN   !domain-group   any   all-app   deny

My task is to create a rule in order to block all known users except those belongs to a specific domain group

...

zanonibs by Not applicable
  • 3811 Views
  • 2 replies
  • 0 Likes

PDF Summary Reports

Hello,

Does anyone know if there is a way to export all PDF Summary Reports at once off panorama?

Please let me know

Thanks

Paul

Resolved! same zone and throughput

Hello guys,

My question is about a Palo Alto PA-500.

The firewall througput is around 250Mbps, and 100Mbps with inspection of packets.

I have 1 Firewall PA-500, with 5 interfaces (L3):

Eth1/1: Untrust zone

Eth1/2: DMZ Zone

Eth1/3 to Eth1/5: Trust zone

What

...

Resolved! TCP Split Handshake spoof

Hi, i would appreciate if someone from the PA team could address the following question.

In the recent NSS Labs Firewall Comparative Group Test Report Q1 2011. Of the 6 products review and tested, 5 were suseptible to the above type attack. For detail

...

User-ID Agent 3.0.x on Windows Server 2008?

I've heard that the User-ID Agent 3.0.2 should be supported on Windows Server 2008 and 2008-R2, but my attempts have failed on both platforms. In both cases, I am using a domain-admin account to install the .MSI package but getting an error at then e

...

u2849 by Not applicable
  • 5540 Views
  • 6 replies
  • 0 Likes

Not blocking Eicar in 3.1.8

Since 3.1.8 the PAN do not identificates the Eicar "virus" in all cases. The loading from https://secure.eicar.org/eicarcom2.zip will be possible, but the same file with http://www.eicar.org/download/eicarcom2.zip will be blocked reliably.

mhuels by L3 Networker
  • 2518 Views
  • 3 replies
  • 0 Likes

Cloning traffic to simulate attacks/vulnerabilities

Hi,

Has anyone ever tried to clone malicious traffic sent through the palo-alto firewall to try to re-simulate attacks or exploit vulnerabilities?

If you have, can you share your experience in how you did it?

Just trying to research on some ideas of how

...

ikinnexi by Not applicable
  • 4118 Views
  • 6 replies
  • 0 Likes

SSL VPN on Mac OS X running in 64-bit mode?

Hi,

Some of our clients are running OS X in 64-bit mode and when they launch the client they get a pop-up telling that its not supported on a 64-bit kernel.

Is this expected behaviour? Will there be a version that supports 64-bit kernel?

Thanks!

Resolved! URL logs

Is it possible to see url logs without url filtering license? I'm not talking about profiles and blocking some categories, just to see what urls users visited.

Regards!

mkopcic by L2 Linker
  • 2189 Views
  • 1 replies
  • 0 Likes

URL Filtering allow

Hi,

I would like to know if it's possible to have the allow-list URL in the log.

As we have to do monitoring not only on blocked URL but also in allowed.

Brgds, Lionel

Anyplace remote control to be stopped

Hi,

A remote control online solution called Anyplace Control(anyplace-control.com), and this needs to be stopped.
Palo Alto shows this as "unknown-tcp", and as such it may be disastrous to stop all unknown-tcp.

I need this to be blocked as an applicatio

...

ta185020 by Not applicable
  • 1908 Views
  • 2 replies
  • 0 Likes
  • 23699 Posts
  • 110 Subscriptions
Top Solution Authors
Labels