Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real
Hi;
What's the best way to block internal users trying to access the internet with a VPN client. I mean I want to disallow all internal users from establishing a VPN while on the "Trusted Zone", whether it is an IP-SEC or SSL VPN.
Kindly
Wasfi
Why Commit in Panorama is not greyed out even though there is nothing to commit
Hello!
The access to GlobalProtect is done using certificates, it works alright, users are authenticated and identified by sAMAccountName.
Sometimes happens that the firewall re-maps the already identified user substituting the sAMAccountName with na
...
Hi,
I'd like to know which PAN-OS is currently recommended? And this in combination with GlobalProtect?
Thanks,
wkr,
Luc
Is there a description of the drop-reset deny action.
Kindly
Wasfi
How can I do this? IE login to Panorama or the local FW and get a list of security polices that are pushed from Panorama in human readable format? Similar to 'show rulebase security rules' on the local FW?
Hi;
Can you sort security policies by the hit count?. I could not do that, but thought I would ask.
Kindly
Wasfi
Hi All,
Hoping someone can clear up some confusion I have with the processing speed fothe 7050 firewall. The literature states that each NPC adds 20 Gbps of processing to the chassis. You can scale out your deployment and speed by adding NPC's, the
...
We have two firerwalls at different locations conencted to different vendors via different ISP.
I it possible to have uplink to vendor with same ISP but different IP address in active and passive setup?
I would like to add a virtual F5 as a proxy to our exsiting 5220 PA FW. As I have never done a DMZ to a virtual device, I am jsut wondering there a sample scenario or configuration.
If my F5 was a physical device, I will just assign an IP address to
...
One of our engineer setup XML to pull the user id and ipaddr mapping, which works with no problem. The problem is he left the organisation and we are not able to determine the source from where the input is coming into the firewall. The log on the PA
...
Hi
I can create a policy based around the username, what about linking to a hostname . windows hostname - verify in MS AD.
I have a management VM, I would like to move, but it has some policied based around location - specific network. It would be ni
...
Hi,
I'm doing decryption for Exchange 2013 OWA web part and it was doing good - was seeing mostly applications like ms-exchange, activesync, outlook-web which makes sense.
Customer upgraded their infrastructure to Exchange 2016 and after trying to dec
...
Dear All,
Recently we started to receive, each time to time, this alarms as Critical ones:
PaloAlto_Used_Memory:_Slot-1_Data_Processor-0_Hardware_Packet_Buffers 29920
PaloAlto_Used_Memory:_Slot-1_Data_Processor-0_Packet_Descriptors 9354
Anyone knows t
...
Hi.
We are having an issue where we are seeing duplicated indicators in output feeds. This is a problem for us as the feeds are fed into a SIEM as a lookup table, and when there are duplicates it causes a import failure.
The duplicates seems to
...
on:
How to use Seprate IPs on WAN interface of 2 Paloalto Firewall.
on:
noreply mail not arriving
on:
After firewall upgradation to 10.2.1 packets are dropping and outage
