Tons of "Generic:<URL> hits in threat logs for DNS Query hits

Hi Guys,

I am seeing a ton of "generic:<random-url>" hits in my threat logs under the spyware category for DNS queries from my email spam filter server out to the world. I have DNS security set up on the Palo so they are being sinkholed, but there ar

Best Practices for acquisition

Hi Guys,

Our company has recently made several acquisitions. All of them have non-palo alto firewalls. We will be migrating each of non-palo firewalls to our palos.

Now, for migrating the rules, we are using expedition. 

But, some of them have overlapp

PaloAlto and DNS

I have PAN running version 8.1.17 and it is configured with two DNS servers on the management interface, you know the usual, nothing special.  I have security and NAT rule on the PAN firewall the uses FQDN. 

Is there a way to detect when the PAN fail

Panorama via S2S VPN

Hi everyone,

We have our PA Firewalls in different countries all around the globe.

Lets call them Country1, Country2. Country3 and so on.

All locations are connected to each other via S2S VPN.

We have Panorama in location Country1. And it manages firewa

Active/Passive HA direct link between firewalls

Hi All,

I use PA-220's in HA pairs often, and I've always used a straight-through cable to connect port 7 and 8 from FW1 to port 7 and 8 on FW2. I've never had ANY issues with this configuration. 

I just learned that PAN says to use a crossover cable

GlobalProtect portal allows a user to download the software without logging

has anyone noticed that globalprotect portal allows a user to download the software without authentication? I'm running 5.0.4. Here's the exact link:

https://{IP/FQDN}/global-protect/getsoftwarepage.esp .  

not able to access certain web sites from host behind PAN firewalls

I am trying to access http://www.brokercheck.com from behind the PAN firewall via dynamic NAT without any success.  I have other customers behind different PAN firewalls, regardless of PAN OS version, with the same issue access website http://www.bro

Best Placement Integration Approach

Hi Guys,

Just want to seek your inputs about what can be the best integration approach for this scenario.

Currently, the VLAN gateway is in my core switch and I will be introducing PA FW into my network. I want to have control and visibility for my int

Best way to apply log Forwarding setting to multiple security policies in Panorama

I recently migrated a few HA pairs into Panorama in my environment. Historically, our security policies were configured to only send traffic logs from deny rules to our syslog. Any allows were only logged on the local firewall (due to costs of Splunk

The data length of the http2 message exceeds 65526 and later will be discarded

We then pass the data through http 2.0 in plaintext, the data length of http2 messages exceeding 65526 will be partially discarded, resulting in incomplete data and affecting normal operations.
Currently, the solution is to turn off the HTTP 2.0 check