font blocking

Hello,

I'd like to block users from downloading any OpenType (.otf) and TrueType (.ttf) fonts. Is there any way to block them?

Password Profiles complexity

I would like to set up a Password Profile with all attributes at zero, can this generate an account lock or would I have no problems?

regards

Active - Active firewall deployment across two data centers

Hi All, 

We are exploring the firewall deployment options for one of our customers who have a requirement to stretch few VLANs across 2 data centers most probably using VXLAN/EVPN. The options currently being explored are:

1. Active-Standby firewalls

Export dumps file for SLR in a multi-vsys NGFW

Hi community, I realised when i'm exporting the dump file by CLI, it takes so much time in a multi-vsys system but not for a single vsys, what is the reason for this?, there is a way to accelerate this proccess?, Regards.

Dual ingress ISP setup vs Juniper SRX

Hi,

   there is a fundamental difference between Juniper SRX and Palo Alto Firewalls regarding how reverse route look up occurs

for a session. With Juniper SRX, if I have two ingress traffic via two different ISPs, I can put each into its own routing i

BGP Peer with ISP

Hi 

I need some guidance on setting up BGP peer with my ISP, this is a new connection.  I have external interface setup and I can ping to next hop and route to public internet.  I need to advertise the /24 block network that my ISP assigned me.  This

Certificate vulnerable *Urgent*

Applying QoS for WebEx behind PA FW

Hello,

I have a WebEx Server hosted behind a PA FW. I need to apply QoS for it. Currently, I have a NAT in place to NAT the WebEx Public IP to the Server Private IP, Destination NAT is applied. Is it applicable to apply QoS for such traffic? I need t

How to Schedule Configuration Export without Panorama?

Global Protect config problem: The server certificate is invalid.

Hi,

In lab i am trying to setup a simple global protect configuration where the gateway and portal are on the same IP and just using local user authentication.  I have a certificate for my my public IP from let's ecnrypt and  have imported this into

After upgrading Panorama from 8.1.12 to 9.1.2, unable to switch context

After upgrading internal Panorama from 8.1.12 to 9.1.2, we are not able to switch context to UTMs.

Unable to register a used PA-500 Firewall

Hey,

I recently bought a PA-500 Firewall on eBay for testing in my Lab. Unfortunately, I can’t register it at Palo Alto Website, because it is already registered. So I can’t get access to resources like Firmware-Upgrades or even get access to a LAB-L