EDL file problem

Hello -

I have created an EDL in PANOS 8.0.0 using a feed from Minemeld 0.9.40, when I commit I receive the following message:

EDL(vsys1/Skype-IPv4 ip) Downloaded file is not a text file.

Does anyone know how to correct the error ?

Thanks

SSL Decryption - Without URL filtering license

Hello

I plan to put in place a SSL decryption rule to decrypt ssl traffic (SSL forward proxy). But I don't want decrypt traffic for several categories of website such as financial (bank website). I haven't the URL filtering license. I create a first

Skip Proxy path for specific URL

Hi Friends,

I am using PA500 firewall and access internet using websense proxy server. There is some URL are frequently block in websense server even they are allowed in websense security server. My question is how can I confiugerd policy in firewall

URL Category in Security Policy only for http?

We unfortunately use a smtp server with fqdn. (cannot use fqdn object for certain reasons)

And we implemented a security policy with the url category in the "Service/URL Category" section of the security policy.

In the security policy, the application

Panorama - Determining Risky Users Risk Levels

Hello,

I've been looking but can't seem to find documentation for how the risk level is determined for Risky Users. Any references or suggestions for this would be much appreciated.

The closest document I could find was on how to determine risk level

Disable SIP ALG on non-standard port 10060

I have SIP ALG disabled and it's working fine for the default 5060 port, but my provider also uses port 10060 and I need to disable SIP ALG for this port as well. How can I do this?

Public VPN Bypass Firewall

Hi ,

    I have blocked some Applications (like youtube, facebook etc in PAN-OS9.0.0), But employees are still able to access these applications while using VPN (Like ibvpn, purevpn).

If anyone have solution please let me know, how to block that traff

Miner for IWF feed

Do you use Minemeld to integrate IWF (Internet Watch Foundation) to Palo Alto and can you share the miner config?

The list input from IWF json input w and will need to convert to  “URL List”. The feed also requies username/passward authenticaiton. 

GlobalProtect - SSO without Sign-in option

Hello Guys,

Is there a way to use GlobalProtect SSO without using the Windows sign-in option?

Thanks.

Best regards

PA-5220 high SWAP memory usage

Hi,

We have from time to time higher SWAP memory usage on 5520 box. 

Not sure if this would be critical or if I can just higher the treshold values in monitoring system.

On reference box the swap memory is 3%, but on this one 85%.

Reference PA-5520
---