Disable TLS 1.0 and 1.1 and also weak cipher

How to disable TLS version 1.0 and 1.1, also to disable weak cipher for WildFire

Configure Authentication with Custom Certificates on the WildFire Appliance

I went through this KB it shows how to disable the 1.0 and 1.1 but how to disable weak ci

In Wildfire how do we disable weak TLS ciphers?

Nessus scanning is picking up TCP/443 TLS v1.0 and v1.1 on our WildFire (WF-500) appliances.

Is there a way to turn off TLS v1.0 and v1.1 on the WildFire ?

Below is the Nessus scanner notification.

-------------------------------------------------

preferred PAN-OS software versions table

HI, dear PaloAlto team,

Why has the preferred PAN-OS software version table been changed? The previous view was much better, because it allowed to select the preferred software version and schedule changes....
Now there is only one preferred version

Google-base app, what its cpable of in escense of google apps.

Hi Team,

            Recently, I had to allow an internally developed android and IOS for users that are allowed and not allowed to access internet.

this app "externally hosted internally developed" role is consisting of destination IPs and web-brows

Dynamic ports to Static

Hi Team,

I'm trying to configure the Dynamic ports (49152-655355) to static 37001 . We have destined server which is sending dynamic ports to establish the link and data exchange.

what is best option to have this hardening.?

URLfiltering Response page for Override with redirect mode does not work

I created a loopback interface that has the Response Page management option enabled. I setup up the override action for social-networks category in the URL filtering profile and setup the Device->Setup->Content-ID on override with the IP loopback add

How to get the full CA Issuer URL when it is truncated in the decryption log

Hi guys,

I am checking the decryption logs, to repair the certificate chain as mentioned in the guide below:

https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/decryption/troubleshoot-and-monitor-decryption/decryption-logs/repair-incomplete-ce

EVE-NG Setup & VMWare installation for Palo Alto & Multi vendor devices

VMWare installation & EVE NG Setup step by step for Multi Vendors Devices

As for every IP Network Engineer readiness of the simulator especially the multi-vendors environment, EVE-NG is a big headache. But honestly, this is very simple and only nee

PanOS 11.1.5 (and others with the fix for CVE-2024-2550) still not preferred?

Might anyone know why 11.1.5 and 10.2.10-h10 (or anything newer) are still not marked as preferred 3 months after release?

We're on 10.2.x now and likely would upgrade to 11.1.x, but I figured waiting for the patch for CVE-2024-2550 makes sense.