General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Security Policy not blocking Facebook

Hello,

I am connecting to the VDI as the teststud user and can browse to Facebook. The session is hosted on IPC-VDI-VSH1 as per the screenshot below.

I have copied our existing security policy which blocks access to Facebook, Youtube etc. I can se

...

Resolved! Connecting to VPN Windows network profile changes to "Domain network" for the phys. network adapter

Just noticed that with Globalprotect 4.1.x the network profile changes to from "Public" or "Private" to "Domain network" for physical network adapter and not just for the VPN adapter while being connected to GlobalProtect service. Also when the VPN s

...

Resolved! Disable SSL decryption via CLI - how long

Happy New Year everyone

Need to know if i run the below command

Disable SSL Decryptionset system setting ssl-decrypt skip-ssl-decrypt yes

Will this disable ssl decryption for 1 hour or 1 day need to know for how long?

Cant deny users from using remote desktop on non standard tcp port

I am trying test app id & put a rule in (all the way on top) denying my work station from accessing RDP on machines in other zones. I have successfully blocked users from accessing RDP on standard port 3389 but can still access RDP on a machine that

...

Minemeld diminishing numbers when passing from miner to processor.

Hello,

We are trying to integrate Recorded Future IP risk list with our SIEM to do correlation after that.

We have set up correctly the miner, which gives us around 50k indicators.

We then proceed to pass it to the processor stdlib.aggregatorIPv4Gen

...

Resolved! Mid-January Azure AD IP Update

Can anyone confirm these 2 new ranges will be added to the feeds at the appropriate time? Didn't see any discussion on this.

https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Azure-AD-updating-IP-Addresses-in-Mid-January/ba

...

DHCP - DNS Servers

Hi All,

Awhile back I was having an issue using DHCP on our PAN Fws. In the DHCP options, if I set the primary DNS to an internal DNS server and the secondary to a public DNS server, our clients randomly had issues accessing internal resources. I wo

...

Resolved! NAT Issue

Hi Friends,

I have 2 server hosted in lan zone and one public ip . i have configure the NAT for 1 server from outside from port 80 and its working fine. but i want access the other server from lan with public ip from port 80 but its not working showin

...

Configuring XFF logging without a URL Filtering License

1. Create a Custom URL Category with * under ‘sites’ (Objects >> Custom Objects >> URL Category >> Add)

2. Create a URL Filtering Profile & set your Custom Category action to “alert” (Objects >> Security Profiles >> URL Filtering >> Add)

Tick

...

Allow policy for 2 hours per day

Hi

It is possible to allow a rule for 2 hours within a possible time window

I would like to allow for exampe youtube for 2 hours per day for our employees .

Could i solve this somehow via API ?

Regards Markus

Migration tool Installtion

I see lots of posts of how to install and use the migration tool, but can someone please provide steps on how to install it properly.

Palo Alto Agentless User-Ip mapping Not Working

Hi Folks,

Need urgent help on an issue where " PAN Box Integrated with AD as an LDAP entity for USER-IP Mapping. So when User switches from LAN --> WiFi or WiFi --> LAN different IP Subnet, user-ip mapping don't change instantaneously" because of th

...

Resolved! Threat Prevention - IPS features

Hi,

Can we enable IPS features on a particular sub-interface/zone in Palo alto so that it gets applied to all traffic that enters through that particular sub-interface?

From the little reading which i did, i am seeing it as configuring it in secur

...

Resolved! Scheduled export of csv system log for Global Protect logins

Have been looking around trying to find this and can't find it.

I have a filter for system logs to filter all the successfull Global Protect logins for the last calendar week.

I have been manually exporting this to a csv but wanted to schedule the pr

...

Resolved! Aperture working/basic, how aperture policy works

I started with aperture and document mentioned "Aperture compares your user defined aperture policies to the data content and context to calculatre any policy violations"

I understood

Conext = data exposure

Content = Data patterns inside the acutal fil

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free