DAG and Panorama

When looking at Dynamic Address Groups along with Panorama, it almost looks like this can't be done unless you are using NSX.  I setup the VM Source on one of my firewalls and I can do a DAG, but it doesn't transfer back to Panorama inorder to use it

HIPPA \ Health Data Patterens

Has anyone written regex data patterens for HIPPA Data for Palo?  Is Palo plannig HIPPA Patterens?

Global protect app require admin credential to upgrade in transparent mode?

Global protect app require admin credential to upgrade in transparent mode?

We want to upgrade agents from 4.0.2 to 5.0.8 in transparent mode. Can we upgrade from 4.0.2 to 5.0.8 directly ?

Also user machine ask for admin credential when we install any

Block Brute Force RDP attempts

I have a Palo Alto 820 up and running, and one of its roles is to publish an terminal server (on its default port3389, the Terminal Server have an 2 factor authentication mechanism.)

I see lots of connections, and i would like to block this brute for

Global Protect Implementation

What's the best way to implement Global Protect in my home network so that I can access it from the outside?

Zone Protection - Reconnaissance

Hi,

Are there any best practice settings for the reconnaissance portion of the zone protection profile.

I see the default has the below.  Is it recommended to leave as defaults or does someone have a better recommendation?

TCP Port scan 100 events wi

GP Split Tunnel with Microsoft O365/Microsoft Teams & GP License

Hello All,

It appears that the large list of IPs and domains to completely enable split-tunneling with GP for O365 & Microsoft Teams requires the GP license to facilitate defining domain names in addition to IP networks (which I understand works with

Can URL Profiles be used if there is No URL Filtering License?

Can i use URL filtering using custom URL categorys if i do not have a URL filtering license.?

when i try i get the following warning message.

No valid URL filtering license,

Can't connect firewall to network

I'm trying to setup a PA-220 for the first time. I'm able to access the fw via the web interface when I directly connect my laptop to the mgmt port. 

I'm stuck on Step 11 (https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/inte

Unable to disconnect Global Protect in Linux machine

Hi Team,

I have configured GP using "On demand" method when I tried to disconnect GP by ran the command (

"Disconnect on ideal" not working - Global protect

We have set Disconnect on ideal for 20 min and we have tried to log off from the PC and login after 20 mins and GP is still connected,what could be the issue.

Inactivity logout seems to work after 2 hours

Palo version 8.1.13

GP- 5.1.1