Need some guidance on the VM series implementation

Hi there,

I have inherited the current network and need some help in replacing the firewall for like to like. We have a MPLS network connecting all our offices and an external firewall managed by the ISP. Traffic from all sites go out via the external

ISP Failover With Controlled Failback

We have a pair of PA-3020 setup with HA and ISP Failover. PAN OS 9.1.3-h. I am not using PBF. I want to connect our VOIP phone switch to the firewall. Our VOIP phones connect to a cloud based PBX. I setup a new VR for VOIP with ports for ISP1, ISP2,

Azure Marketplace - VM-Series Next-Generation Firewall (CIS Benchmark)

Does anyone know if the VM-Series Next-Generation Firewall from Palo Alto Networks within the Azure Marketplace meets any of the CIS Level 1 or 2 Benchmarks? If deploying these FWs from the Marketplace, do we need to harden the images using the lates

Authentication Policy Use Case

Here use case and wondering if this is feasible.

1. User Bob is already authenticated and connected(tunnel VPN) to firewall A with GlobalProtect with his account "Bob".

2. User Bob need to access critical ressource behind the same firewall A with, how

Useability suggestion: Add Context sensitive Right Click Menu to PANOS UI.

I suggest PA should add context sensitive right click menus to the web UI in PanOS(Both Firewall and Panorama)

As an example, when a Security Policy rule is selected right click should popup a menu with actions that can be done on the item.
Like "Add

Admin roles and Detailed Log View (spyglass)

Hello Community!

I'm trying to create an admin role that gives a user access to the Monitoring functionality. 
But with full access to Monitoring only, they are not able to open the details for each log entry - Detailed Log View.

I've granted Privacy ac

Quick Question.

Captive portal not working

Hi Everyone,

Im trying to configure captive portal on PA 220 for users trying to access any website should redirect to captive portal and after authentication via username and password they will get access, but anyhow im unable to achieve that.

Below

Allowing any traffic that comes from a specific palo alto device

Hello

Assume 2 local firewalls in a set of firewalls, all managed by same Panorama. One is protecting ATM firewall and the other is DC Server firewall.

ATM 's get their IP 's from branches so they are very random, and routing is basically like 10.0.0.

Questions about panorama login account

I check the panorama dashboard   and  on the  widgetslogged in admins  there have tow admin account login the panorama.

panorama-admin and panorama,so

What is the difference between account panorama admin and panorama ?

and time idle for logged in admin

Jquery Version - JQuery 1.2 < 3.5.0 Multiple XSS

Hi team

We received this vulnerability in the report by our vendor for our PA
"According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, theref

Minemeld Indicators Number not equal Firewall DAG Members List

Hi everyone,

I tried to reference all the Windows RODC (Read-Only Domain Controllers) using a custom script. The script is working fine : it queries our Active Directory, and returns a JSON list of RODC. Each indicator listed by the script looks li

Minemeld taking up a lot of disk space opt/minemeld/local/trace/*

/opt ( 5 Gb )  is running at 80% full, most of which is consumed by /opt/minemeld/local/trace/*.

Can some housekeeping be done or do we need to expand the storage, is it just an area that going to grow and grow ?

Is there a Housekeeping job tha

False positive alerts

A very high quantity of botnet false alerts being reported on our appliance. Using 9.1.3.

Botnet report alerts as noted below:

Repeatedly visited (10) the same URL 216.58.199.36/

Repeatedly visited (30) the same URL 142.250.66.164/

Repeatedly visited (