General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! Unknown Virus

Hi all, I came across this "virus" alerts on PAN-OS 4.01. What does that mean ? There is no info available for these ID's....

Resolved! Security policy using group in negate form

Hi,

is it possible to create a security policy with user/group with NOT form?

for example : LAN => WAN !domain-group any all-app deny

My task is to create a rule in order to block all known users except those belongs to a specific domain group

...

PDF Summary Reports

Hello,

Does anyone know if there is a way to export all PDF Summary Reports at once off panorama?

Please let me know

Thanks

Paul

Resolved! same zone and throughput

Hello guys,

My question is about a Palo Alto PA-500.

The firewall througput is around 250Mbps, and 100Mbps with inspection of packets.

I have 1 Firewall PA-500, with 5 interfaces (L3):

Eth1/1: Untrust zone

Eth1/2: DMZ Zone

Eth1/3 to Eth1/5: Trust zone

What

...

Resolved! TCP Split Handshake spoof

Hi, i would appreciate if someone from the PA team could address the following question.

In the recent NSS Labs Firewall Comparative Group Test Report Q1 2011. Of the 6 products review and tested, 5 were suseptible to the above type attack. For detail

...

User-ID Agent 3.0.x on Windows Server 2008?

I've heard that the User-ID Agent 3.0.2 should be supported on Windows Server 2008 and 2008-R2, but my attempts have failed on both platforms. In both cases, I am using a domain-admin account to install the .MSI package but getting an error at then e

...

Web link to convert stat-dump report

Hi All,

Is there any link from PAN to convert stat-dump report to AVR report?

Please help.. Need it urgently..

Not blocking Eicar in 3.1.8

Since 3.1.8 the PAN do not identificates the Eicar "virus" in all cases. The loading from https://secure.eicar.org/eicarcom2.zip will be possible, but the same file with http://www.eicar.org/download/eicarcom2.zip will be blocked reliably.

Cloning traffic to simulate attacks/vulnerabilities

Hi,

Has anyone ever tried to clone malicious traffic sent through the palo-alto firewall to try to re-simulate attacks or exploit vulnerabilities?

If you have, can you share your experience in how you did it?

Just trying to research on some ideas of how

...

SSL VPN on Mac OS X running in 64-bit mode?

Hi,

Some of our clients are running OS X in 64-bit mode and when they launch the client they get a pop-up telling that its not supported on a 64-bit kernel.

Is this expected behaviour? Will there be a version that supports 64-bit kernel?

Thanks!

Resolved! URL logs

Is it possible to see url logs without url filtering license? I'm not talking about profiles and blocking some categories, just to see what urls users visited.

Regards!

URL Filtering allow

Hi,

I would like to know if it's possible to have the allow-list URL in the log.

As we have to do monitoring not only on blocked URL but also in allowed.

Brgds, Lionel

Anyplace remote control to be stopped

Hi,

A remote control online solution called Anyplace Control(anyplace-control.com), and this needs to be stopped.
Palo Alto shows this as "unknown-tcp", and as such it may be disastrous to stop all unknown-tcp.

I need this to be blocked as an applicatio

...

Unable to remove URL filter profile

Hi Support, Anyone has faced the error when the URL filter license had expiry? Alex Ling cid:image001.png@01CBF47F.CA4B5670

Resolved! PA 2020 reboot due to excessive broadcast

Hi all.

Our PA 2020 with PAN OS 4.0.1 reboot automatically during excessive broadcast on a VWire interface. Does anyone knows something about this behaviour?

Best regards, Markus

Discussions