Tactics Technique and Procedure (TTP) for Noob Threat Hunting

I am new to Palo Alto NGFW and Cortex, does anybody have  any special TTP they want to share to noobs like me?

Prevent User Traffic from Proton VPN Application

Hi All,

Just wondering if anyone has a solution in creating either an application id for proton vpn, and or other methods in preventing users from bypassing the palo firewall.

https://protonvpn.com/

I have discovered today that this application is no

Required role to do cli backups

We have a process to do backups using the cli. I'm going to create a new role restricted to cli for this purpose. What admin role is required to perform backups?

URL Filtering Log - MAC Address

Good morning,

We are trying to leverage as much functionality from our PA FW right now.  At the moment we are using 3rd party filtering and 3rd party captive portal.   The challenge is always matching the URL filtering logs with the user mac address.

UserID agent - different two major

Hi,

Just to confirm. it would be compatible this:

UserIdagent in version 9.0.x

and FWs in version 8.0.13

WE need to upgrade FWs to version 9.0.x, and we are thinking to upgrade first UIA, but we are not sure about compatibility in UIA two major higher.

Upgrade advices compatibility

Hi,

I explain my scenario:

We need a cluster A/P in 8.0.x. We had issues upgrading when the LACP didnt come up in the passive node jumping to 8.1.10.

So in the last try we realised that jumping to base 8.1.0 the LACP interfaces were up. So we will do

Panorama VM to VM migration while going from Legacy to Panorama Mode

Hello all,

currently we use a Panorama VM running PanOS 9.0.5 in Legacy mode (did not even know that was possible) to manage a couple of HA pairs of firewalls.

Unfortunately we are unable to edit the resources of that VM in our Hypervisor, likely due

Cyber Elite interview with MP18

Hey there everyone.

I wanted to let everyone know that the Cyber Elite experts are among our top contributors within LIVECommunity, and our first interview is with @MP18. 

Read the blog here:

https://live.paloaltonetworks.com/t5/blogs/get-to-know

How to create e new network interface on a device using Panorama

Hi all,

I'm quite new using Panorama.

I need to create a new network interface on a device managed by Panorama.

I tried to modify the template but when I push it to device I got an error telling that there isn't that interface.

Of course I miss something

URL filtering and white list

Hi,

I would like to do url white listing. before i do white listing , i would like to monitor all url of users and office application.

after that i would like to allow specific url only. In paloalto monitoring is only show destination ip address and ne

the SKU to Upgrade VM license bundle?

When upgrading from VM100 to VM300, is there an upgrade SKU with discounted price or use the SKU# "PAN-VM-300-PERPBND2" with regular price?

Thanks,

Michael

MFP devices wont scan to email anymore

Hello guys and Happy New Year!!

First time when I use an palo alto device. So I configure this device PA-220, and I put it on my network.Everything works great but I have some problems; For example now all my MFP devices wont scan to email anymore. I