Understanding URL Filtering security profiles vs Rule Action

Hi!I have a pretty basic question that I couldn't find the answer to - am hoping that someone could help me understand this. Let's say I have a security rule: Rule 1: src=192.168.1.0/24, Dst=192.168.2.0/24, Svc=Any, Action=Allow, Security Profile=Antivirus, URL Filter (which blocks Gambling sites)Rule 2: src=192.168.1.100, Dst=192.168.2.100, S...

Cortex XDR: How to block execution of some unwanted apps

Hello All, We have observed some unwanted applications( Any desk, WhatsApp) used by end users in customer environment. Is there any way apart from blocking the hash present in cortex console which will block the execution of such files. Thanks in advance. Regards, Sakshi Seth

When logging into the community can I turn off the email a code?

Whenever I want to log into the palo alto networks community, it asks to email a code to my email address. Sometimes I think it already did but nothing came, but in reality I never clicked the button to send the email. Is there a way to turn that off, or maybe do a push notification to Duo instead? This is why I use the r/paloaltonetworks subr...

Day 1 Configuration of PAN-410 model firewall

I created day 1 config file for my PA-410 model firewall and loaded the configuration. But while commiting Got below error: "email-scheduler -> Possible Compromise -> report-group 'Possible Compromise' is not a valid referenceemail-scheduler -> Possible Compromise -> report-group is invalid " When I double checked the file I downlo...

Device Control Violations

how to download Device Control Violations data from the cortex

Enable Device Telemetry with error message : Send File to CDL Receiver Failed

Hello, I have PA VM100 with PAN OS 10.2.2. Enabling Telemetry and setting up the Telemetry Region as Americas. The status for Device, Product and Threat is always "Failed" with message "Send file to CDL Receiver Failed" Any advise, suggestion or how to troubleshoot this much appreciated Thanks

I have a Premium Account but can figure out how to open a trouble ticket... the Portal Changed PLEASE HELP... So frustrating...

Strange behaviour via Palo Alto Firewall.

Could someone explain why this site would fail via our firewalls, it works fine local and split tunnel. I would imagine it's to do with encryption levels as wireshark shows a few cypher spec changes during the handshake.. FYI.... SSL Proxy / decryption is switched off for this site and aplication is set to any and is classified as education/low ...

palo alto block page not showing

Running panos 10.1.8 on vm-300. a blocked https page gives user -This site cannot be reached rather than palo block page notification. Is this because ssl decrytpion is not enabled and is required to get block page notification for https url which are supposed to be blocked via url filtering.

PA440 not shuting down instead getting rebooted after sometime .

Hello I am trying to shutdown the device using CLI and GUI but it is getting reboot after some time . Click on Device tab > Setup link > Operations tab. Click on shutdown device under device operation shutdown command (request shutdown system) in the CLI. PAN-OS 10.2(10.2.3-h4), Please help me with the issue .

LACP betweeb PA3400 and Cisco Switch

I have config LACP between PA3400 and Cisco Switch everything work fine implement test on standalone mode Cisco eth1/1 (po1)<----> PA eth1/1 (ae1) Cisco eth1/2 (po1)<----> PA eth1/2 (ae1) All traffic can use normally until we test shutdown or unplug one of member on firewall . Result : traffic is dropped 1 timeout My question : this...