PA4050/Panorama Log Archive Strategy help

We have one of our new PA4050s running in TAP mode listening to our datacentre firewalls (the firewalls they will replace - these are ASFs running Checkpoint FW1). We are also running Panorama on test machine in our testlab. The PA4050s are logging l

About regular expression at data filter for Korea SSN

Hello.

I was able to test function of data-filter for credit card number and social security number. so I created custom signature of data patterns for Korea social security number but I could not apply custom data pattern as a data filter.

PA box said

medium System Log DP DDR0 ECC single 9

Hi All

Does anyone know the meaning of this message

DP DDR0 ECC single 9, double 7913, dimm 0, rank 1, bank 3, row 0x1436 column 0x930

Port Scan/Host Sweep settings...

What is everyone using for their Port Scan/Host Sweep settings in the Zone Protection profile?

Mine are at...

TCP Port Scan

5 secs

800 events

UDP Port Scan

5 secs

800 events

Host Sweep

2 secs

200 events

...I may have to fine tune it some more to lower the amoun

Users With Two LDAP Accounts

Hi All,

Our domain administrators have two Active Directory user acounts; a standard 'username' for normal day-to-day tasks, and a 'username_a' for administrative work.  Occasionally, PA will pick up the '_a' account when checking group access instead

How to configure Captive Portal NTLM auth?

I have a customer who has AD and is using the UserAgent sucessfully.

However, many users are not always logged in, or are using corporate hardware, so aren't logged in.

I want to configure Captive Portal for non-logged in users that uses NTLM to authen

User-ID Detection fails after install a second Terminal Server Agent

After installing 10 terminal server agents and 1 PAN-agent on a PA-2050 the appliance cannot connect to any agent.

admin@mi2-pan2> show user pan-agent statistics

Name             IP Address      Port    Vsys        State             Users  Grps  IPs   

Deploying SSL decryption with Public CA

I am trying to figure out how to deploy SSL decryption. I have it working in a test environment using an in house CA and by importing the cert. into my browser. As we have Firefox users and can't export the Trusted Root CA with a GPO, I am looking fo

IPSec Tunnel to Windows Server

I have learned, PAN will only build route based and not policy based IPSec tunnels.

We need encrypted communication between several Windows Server 2008 systems in the outback and a lot of them in the central office. Till now, we build a site-to-site V

User Identification Agent

Hi,

I have a question concerning the User Identification Agent.
Yesterday we had  a problem with wrong user identification. The problem is solved in the meanwhile  but it would be nice for me to understand how the agent works.

To solve  the wrong identi

Virus: use of the packet capture

Hi,

  I wanted to know what you usually do when you see a Virus detected on the PA.

  How do you check that it is not a false positive?

  Do you use the packet capture in the case of a virus?

  Does the name/id of the Virus help you to find more details