Resolved! User Agent timeout and expiration timer

Hello,

I have configured Age-out timeout to 720min and configured "<enable-full-expire>1</enable-full-expire>" on config.xml.

There is the way to check the timer for a particular users to check how last for expiration ?

If I restart the PAN-Agent servic

Resolved! ARP Question

When logged in via CLI on the PAN 500 and I view the ARP table, it says maximum of 500 entries.  Does this mean that the PAN will only support 500 unique connections at a time?

I'm still trying to track down a problem I've been having with some machin

Resolved! Panorama/ Report Creation...

...suitable for presentation. I guess I don't understand what I'm seeing or I don't understand what I should expect from Panorama. Quickly: I have 2 PA-2020's logging to a single Panorama instance where I attempt to create "consolidated" reports. Ver

Resolved! performance data

Hello team.

can you please tell me where I can have perf data  w/ Smartbits, IXIA or avalance?

I'm in the tender process to some customer, this is required from that customer like..

PA-4020, PA-4050 etc.

64 byte, 128 byte,256byte,512byte,1024byte,1500byt

Resolved! Advice on upgrading HA pair

I have read the couple of docs regarding the upgrading oh HA pairs, but I was more interested in actual user experience with the process.  Does anyone have any sage advice for me as I plan my own upgrade event?  I will be taking my PA500's from 3.1.6

Resolved! Password encryption when using RADIUS

I have looked through the RADIUS configuration guide located at https://live.paloaltonetworks.com/docs/DOC-1701, and I was wondering about the requirement to enable unencrypted PAP authentication.  We are subject to PCI Data Security Standards compli

Resolved! Unknown Virus

Hi all,  I came across this "virus" alerts on PAN-OS 4.01. What does that mean ? There is no info available for these ID's....

Resolved! Security policy using group in negate form

Hi,

is it possible to create a security policy with user/group with NOT form?

for example :  LAN => WAN   !domain-group   any   all-app   deny

My task is to create a rule in order to block all known users except those belongs to a specific domain group

Resolved! same zone and throughput

Hello guys,

My question is about a Palo Alto PA-500.

The firewall througput is around 250Mbps, and 100Mbps with inspection of packets.

I have 1 Firewall PA-500, with 5 interfaces (L3):

Eth1/1: Untrust zone

Eth1/2: DMZ Zone

Eth1/3 to Eth1/5: Trust zone

What

Resolved! TCP Split Handshake spoof

Hi, i would appreciate if someone from the PA team could address the following question.

In the recent NSS Labs Firewall Comparative Group Test Report Q1 2011. Of the 6 products review and tested, 5 were suseptible to the above type attack. For detail