General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 1898 Views
  • 1 replies
  • 10 Likes

How do block all flv streaming media

Is there any way to block all flv streaming media for all applicatons that uses flv streaming through web-browsing?

(I could'nt find any application describes "flv" except "Flash application".

But "Flash application" blocks all flash content and this i

...

ssl decryption best practices?

I'd like to look at implementing it but I'm wary of all the potential caveats i.e. applications that don't play nice, and machines that are non-windows or non-domain so wouldn't get a trusted CA via Group Policy.

I've read the guides so know how to do

...

PAN Help files are a bit old

Noticed this while searching some answers about dynamic URL filtering in the help files.

Enable dynamic categorization
Select to enable dynamic URL categorization.
URL categorization takes advantage of a URL filtering database on thefirewall that conta
...

blueteam by Not applicable
  • 1898 Views
  • 1 replies
  • 0 Likes

IPS/IDS for SQL Server behind PAN?

We have a web server in fron of a PAN that accesses MS-SQL behind the PAN.

In the vulnerability profile that we're using, everything (client/server) is set to "default".

I appreciate it's a fairly broad question, but is this enough?

Thanks.

User-ID Agent Refresh Interval?

I'm sorry if I've just not spotted it, but is there any documentation on how often the User-ID agent (for Active Directory) updates?

We've just started to implement some policies using groups and I'm not quite clear in my mind how often the PAN checks

...

Uknown / Blank user

Hi,


I want to view the traffic for all unknown users, but I am unsure how to create this...

I thought about using (user.src neq '') but that does not work I need something similar, essentially I want to view the 'from user' that has no data in (blank)

A

...

djbisbey by Not applicable
  • 1634 Views
  • 2 replies
  • 0 Likes

URL Log

I have seen this come up in one post. Where the user has asked why the URL field is only limited to only the first 63 characters.

Any idea when this might be addressed? It is crucial to log the entire URL for both trouble shooting and forensics purpos

...

Captive Portal Question - Demo Unit

Hello everyone,

I'm currently demo'ing a unit configuring it to our projected needs.  One of the things I'm currently working on it user authentication to the net and am hoping you guys can help me out with this.  I have the captiveportal setup using

...

rjoshua by Not applicable
  • 2175 Views
  • 1 replies
  • 0 Likes

URL Filtering

This was brought up about a year ago from what I can tell but does, or will, PAN support a connector to be used with a Websense server for filtering?

cnelson by Not applicable
  • 2618 Views
  • 1 replies
  • 0 Likes

Monitoring interface traffic with SNMP

I am trying to monitor traffic on some interfaces on our PA 2050 with SNMP.

I'm using RRDtool to pull traffic counters every 5 min.

But, the interfaces in Network\Interfaces in the GUI does not match the interfaces when i do a snmpwalk IfIndex against

...

tysver by L0 Member
  • 2373 Views
  • 1 replies
  • 0 Likes

Resolved! How do PA protect a attack of mac spoof?

Dear Master.

I read that zone protection of docs and notice that PA can protect ip spoof attack using zone protection profile and uRPF. but I cannot find that protecting arp spoof attack.

How do PA protect a arp spoofinig attack?

Thank you.

ttongfly by L3 Networker
  • 3868 Views
  • 1 replies
  • 0 Likes

Resolved! Installing Intermediate Root CA?

I'm in the process of purchasing a Wildcard SSL cert and I want to install it on the PAN for a mixture of things such as:

The management interface.

The URL Override SSL certificate.

As a reverse proxy certificate.

This is the one I'm planning on getting:

...

Application Password Override

In the URL filtering configuration, there is an option to allow for an override such that a user can type in a password to override a blocked website and gain temporary access to the site.

Is there a similar function available for applications?  For e

...

rahmant by Not applicable
  • 1816 Views
  • 1 replies
  • 0 Likes
Top Liked Authors