Dynamic Update from Panorama doesn't work

I want to use Panorama to perform dynamic updates for the "Antivirus" and "Applications and Threat" sections.

On remote firewalls, I configured Panorama as the update server.
I also scheduled the automatic update via a template.

In Panorama, I have the

DNS Format That sent to Arcsight it contain www?

Malicious domain names some of them contain www before domain name like www.xyz.com.

so if there is any solution to define that as domain name only like (xyz.com) to use it in correlation rules.

Why is this traffic allowed when the rule should not allow it?

I am tidying up some rules that were "rush" jobs as part of the initial deployment.

One rule "TEST-VI" was 

SRC ZONE - TRUST  
DST ZONE - Partners
DST Addr - I%%%%%A-VIP

Application - Any

I was going to get rid of this as there is another rule after it

GlobalProtect LDAP Authentication Fails

I have succesfully set up local login for GP but struggling to set up LDAP authentication. The CLI test says that its succesfull, but it fails whne using GP

Any tips please?

DHCP WDS

Hi,

i try to configure DHCP on paloalto to work with an WDS server.

WDS server and clients are on same subnet

WDS server is on static ip (reserved on palo)

Client take ip from DHCP of paloalto

Option 67 added on palo

I have TFTP error PXE-E32

Palo monito

Subject Alt: Email for GP authentication

I've been trying to setup this scenario. But I keep getting subject as username on GP portal. 

Is there any trick? Because configuration is pretty simple.

Delete object group, created new obj. group, policies and objects deleted - how to revert back?

Since we do not have any spare Palo Alto FW's and our is production I must ask before doing something wrong...

I deleted object group (that included 2 HA FW's), created new one with the same 2 FW's comited to Panorama, but now the rules and objects a

DROP_UPDATE on Minemeld

Hello Community,

the logs on my Minemeld shows the below error for all that IPs that catch, could you please advice how to get ride of this problem?

Thanks in advance

Global Protect - Clients with excessive failed logins

We've had Global Protect in production for a while now, but it has just recently been brought to my attention that we are having a lot of users locking their accounts out.

The GP client prompts them for their AD username / password. Maybe they fat-fin

Prompt for Password to access System Keychain

So the solution to this is in the below KB

https://live.paloaltonetworks.com/t5/Management-Articles/GlobalProtect-Requests-System-Keychain-Access-on-Mac-OS-X/ta-p/53332

In the comments, it is reqested for there to be a automated way to solve this pro