Policy rules organization

hello Everyone hope everything is doing well.

questions for the experts on palo

i have 260 rules on my palo alto environment and they are subdivided in zones and i would like to make things more organized on my rules  .

question is the rules more high

publishing a site website service with ssl decryption

I have an internal server which i want to publish its service to public and need to do ssl decryption, does that means i need to do "inbound ssl decryption"?

and if so, as the website is natted from outside to inside, in the decryption rule in the des

Release Notes in GUI

Anyone know what's up with the release notes links in PAN-OS or Panorama GUI?  Some of them are taking me to an XML response page and there is apparently an email circulating on REN-ISAC that the GlobalProtect links for 5.1.2 download a *.solitaireth

Minemeld configuration via TAXII output to Qradar

Hi All,

i've been trying to configure the taxiii output in minemeld following the tutorial of Qradar posted here but with no success.

I am running docker minemeld version, everything is fine until i try to add the url: https://hostname/taxii-discovery

PA220 Update - Cannot use management interface

Hello,

First question and first foray into Palo world from Cisco ASA and I'm stuck.

I am trying to update a couple of PA220's, we cannot use the management interface and therefore can only use an interface connected via DHCP  to our ISP.

I have got the

Adding 4th NIC to Palo Alto VM in Azure

Can a 4th NIC be added via the Azure Portal to a Palo Alto VM that was deployed via the Marketplace? I see only 3 interfaces are created, and the 4th be added after the fact? Thank you. 

How to enroll in Cyber Security Foundation, Cybersecurity Network Security Essentials, Gateway

I am trying to get PCCSA certified. On the PCCSA FAQs document under Q5 there are three courses listed other than the Cyber Security Survival Guide, the EDU-010 course, and the Practice test: Cybersecurity Foundation Course, Cybersecurity Network Sec

Global protect multifactor authentication with RADIUS

Dear All,

I have configured GP with multifactor authentication.

Example:- If I want to connect VPN, so I click to connect on agent it will prompt me to credential then I will enter username and password once it is succeded one OTP received my mobile.

not able to login in firewall by authentication profile

Hello team,

I have created a local and AD authentication profile.

Then I have created an administrator and the same profile allow there. but when i try to login in Firewall getting the incorrect user name and password error.

please suggest how can i lo

Windows radius with certificate config

Hi there,

I am testing Radius configuration for our admin accounts using windows NPS over PEAP-MSCHAPv2. I have our local CA cert in the cert profile and configured all the required params like vendor specifi attributes,etc. When I run a test authent

Maze Ransomeware Coverage

Hi Team,

Please let us know the coverage against for Ransomware-Maze under threat in our Palo Alto IPS.

Best Regards,

Sahul Hameed

Traffic-Log refreshs is broken when using long filters

Hi Community,

I often have the problem, that the traffic log view is refreshing automatically when using long queries.
I have the auto-update set to manual but after seeing the first filtered log entries, the whole log-area refreshes - very annoying.

PA-5050 8.1.11 Inter Vsys traffic

Hi all,

We got a Palo Alto 5050 active/passive HA configuration with two vsys with a lot of inter-vsys traffic.

Our DP1 is running at 100% during working hours.

I am convinced that the problem is that inter-vsys traffic can't be offloaded to hardware.