Secure FTP from a single domain only

I have an inbound SFTP, I need to secure access to from only a single domain, say *.mydomail.com/. I have tried with a URL category in the security policy. This does not seem to work. The source is in AWS, so to much of a hassle to manage a source ip

Yandex safe search is not working

Hello Experts,

We have enabled safe search in URL filtering & also added response page given by Palo alto from given link below. However when we implemented it, it works fine with yahoo, bing and google. however it doesn't work with yandex.

Transpare

Hey there

Hey there,

Today I joined the community to enhance my Palo Alto and Security Leanings..

Thanks guys in advance. Hoping for great learnings and knowledge sharing!!

Query on Syslog filter builder

Hi Folks,

We had configured to forward the system logs for severity of informational, medium, high and critical using filter builder. But we are receiving logs only for informational on our QRadar Syslog.

What is the supported format for System log f

Global Protect MTU setting overwritten

Trying to set MTU for my GlobalProtect client.
I've found some information about this in Palo Alto docs.
I could not set it with netsh, I think it is because of GPO.
But I could set it with the PowerShell command: SET-NetIPInterface -InterfaceIndex 3 -N

User-ID limitations for distribution

Hi folks !

Would like your advice on a specific issue about user-id limitations : 

One of our customer is using one central firewall to redistribute user-id mapping to more than 100 devices, and has issues about user-id process crashing on the central

HA to standalone best practise

Hello,

Good day, I have found many articles related to configuring standalone to HA. However, I don't find related articles for HA to standalone.

Is there any good reference guide for changing role from HA (active-active or active-passive) to standal

File blocking allow MS 365 Office installs and Windows updates

Hey,

If at all possible, please could I ask for some input on the best way I try allow M365 office installs (from their CDN) and Windows updates to our endpoints even though we are not using SSL decryption at the moment?

We currently have a policy rul

CPS for Flood Protection

For the Flood Protection calculations:  Alarm, Activate, and Maximum - the documentation states to use the baseline thresholds (average) for the zone.  I have used the OIDs to do this, however, why would I be using the TOTAL ZONE baseline and not jus

PCCET Certification Badge???

Is there a way to display a badge for taking these courses?   I says I have passed but I cant find a way to carry it over to Linkedin 

Why Destination NAT is not working for internal users.

Why Destination NAT is not working for internal users. Why need to create U-Turn NAT if we have existing Destination NAT created and if internal users want to access it.