DNS Security scaling?

Hello,

We're looking at replacing some Fortinet and Juniper devices with PA's but can't find any details as to how many entries can be cached with the "DNS Security" feature.

I have a lab 220 I'm using but the output of the commands don't seem to sho

Slow ISP bandwidth through PA-3020

We upgraded to a 1gb/s internet connection from a 50mb/s on Friday.  For some reason we are only seeing a max of maybe 250-300mb/s but in most cases we are at 175mb/s.

We have a PA-3020, with App-ID enabled and Threat.  We did our research before upg

PA 3000 Make users accept TOS before browsing the web

Hello, we use our PA 3000 as a router to distribute our ISP to multiple locations. Is there a way that I can make it so when a user try's to browse to the web either a pop up or a redirect happens so that they have to accept terms of service prior to

UserID issue when using RDP via GlobalProtect client

Hello,

I have the following issue when using RDP via GlobalProtect client.

Situation:

• PaloAlto 820 with PAN-OS 9.0.9, GloablProtect Client 5.2.4, Windows 2016 Active Directory
• For remote access we use GlobalProtect with Active Directory accounts (RADIUS

Cyber Elite video interview with Brandon Pry !

Just in case you missed it, our very own Cheryl Rasmussen took some time to interview one of our new Cyber Elite Members, Brandon Pry (@BPry) .

Take a moment to check out Cheryl's blog and watch the video interview here:

https://live.paloaltonet

Export MineMeld application logs to syslog

Is it possible to send the logs visible under the "LOGS" menu to external syslog? If yes then how?

Thanks in advance.

Enabling Security Features

Hi ,

We have a customer running a cluster of PA 3060 . 

The goal is to enable security features on at least 30-40 percent of the rules initially . like

URL Filtering 

AntiVirus

Antispyware

Wildfire

Vulnerability Assessment 

Are there any Best practices rule

Panorama Variables for HA A/A

Hi everyone!

We have an HA A/A deploy, management vía Panorama.

Have i any Variable to use for NAT's like Device-ID? to perform macro configurations?

Regards

Cisco WLC integration with PA - Client logout events from syslog messages

Good day.

Is there any way to generate user logout events from syslog messages?

Firewall is receiving syslog messages with client disassociate events from WLC.

Tried  a syslog Parse Profile with Event String as " Client Disassociated: ", still no luck.

Windows Server 2003 with Agentless User ID

Hi guys,

I am setting up agentless user-id with Windows Server 2003 Active Directory. My PAN-OS version is 8.1.16.

For the setup, i've followed the guide here:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGGCA0

Currently

tacacs

Hi,

I am using tac_plus linux server .

user = larry {

login = PAM

member = admin

}

The above will support ? .As I know tacacs using pap or chap . In that case If can I use login = file /etc /password Or PAM in the server side configuration

Th