User's traffic not hitting correct security rule.

We're running into an issue where a rule that is meant to update anti-virus protection on port 443 is slipping through and being caught by a lower rule which denies any application and service. (Hardware: PA-5050, OS version : 8.1.6).

As far as the se

Firewall WAN Zoning configuration best pratice

Hi, If the customer environment have 3 different internet service provider. Should I got 3 different zoning or just configure 1 Zone for 3 different internet service provider.

BPA for NGFW and Panorama

Hi Team,

Without Strata Cloud Manager access cant we do BPA?

Here in the below link we can do it for free is what it says.

https://docs.paloaltonetworks.com/strata-cloud-manager/aiops/best-practices-in-ngfw/on-demand-bpa-report

How to get access to

transfer the vm panorama to the nutanix

Hello

Customers are using VM Panorama for VM-ware.

Sooner or later, however, the customer will replace the vm-ware with a nutanix.

VM Panorama version : 8.1.6

VM Mode : VMWare ESXi

1. Can I get an image of a VM Panorama in use and use it in Nutanix?

2. W

Activating Trial license to extend PaloAlto working environment

Hi, community

Does anyone has any experience Activating "Trial Licenses"?

If let's say our support for PA-FW ends in 10 days and we would like to extend working-period is it possible to use "Trial Licenses"?

I know we can use them only once, but we d

Port Hopping - Is it for defence or Attack ?

cryptographic secure erase with NIST 800-88 guidelines

Query:

We would like to know if PA firewalls have cryptographic secure erase that complies with NIST 800-88 guidelines.

Ref:

https://www.stellarinfo.co.in/bitraser/ppc/nist-compliant-data-erasure-software.php?gad_source=1&gclid=Cj0KCQjwsoe5BhDiAR

User-ID Agent Timeout Triggering

I'm going through implementing a special 'modified' SP800-171R2 control list and I believe I can achieve satisfying controls such as 3.13.9 "user session timeout/terminate external access etc etc" control with the UID timeout function.

If I tied ex

When I press "Connect" button nothing happens

Installeds GlobalProtect 4.0.4-9 on my Mac. When I press "Connect" button nothing happens. I'm blocked, please help!

Solution for "SSL decryption bypass for Anydesk"

Hello,

I am being asked a lot about why is Anydesk getting a "decrypt-error" end reason when SSL Decryption is active.

Here is a simple explanation and how to overcome this.

What you usually going to do with this kind of errors is creating a Decryptio

Facebook Chat Still Active even After Adding Application "facebook-base"

Hi, I am new to Palo Alto and I started learning with watching Keith Barker's PA videos. In a video he configured security policies and demonstrated that he can't use Facebook chat with that configuration. I didn't want to do the exact same thing and

User ID Redistribution

Hi,

There seems to be an issue with our internal Palo firewalls and their Data redistribution, I'm not sure how long it's been an issue.

What it should do is redistribute the user authentication events to every firewall so it can use that us the user

Protocol Confirmation Required for Industrial Firewalls IEEE C37.94

Can somebody confrim if palo alo firewalls supports these protocols "IEEE C37.94 or not need solid answer for industrial firewalls???

OCI PA vm unable to communicate outside

Hi, I am a newbie for PA and need of some assistance in configuring PA VM on OCI.

I have done the basic configuration Created Zones and Virtual routes etc.

I need to create a IPSec VPN from OCI PA VM to OCI VPN (Not a PA VM) setup on a another te

Unable to use IPV6 in VM series NGFW which is hosted in AWS Envirement

Hello Team, 

Need help to set up an IPv6 for VM series NGFW which is hosted in AWS env. 

We are able to see the IPV6 traffic on NGFW, getting Aged out logs for the IPV6 traffic. rules are present in NGFW to process the IPV6 traffic.