General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 423 Views
  • 0 replies
  • 2 Likes

Packet flow not properly defined

Hi Team,

 

i have seen two diagrams of packet flow from palo alto website. in Below NAT Policy evaluated is shown in first step. which is part of Network processor (slow path) and NAT applied after  Application  and security Policy it means from securi

...

PA Small PF.PNG
PA large PF.jpg
ss198939 by L1 Bithead
  • 2974 Views
  • 3 replies
  • 0 Likes

Agentless vs Agent based User-ID

Hello,

 

We have 500 users on site and currently using Agentless User-ID with PANOS 7.1.7

 

We are thinking of scaling up to Agent based. 

 

Can someone please guide me to a link/article that discusses the Pros and Cons of both? 

What are the common issues

...

Farzana by L4 Transporter
  • 5347 Views
  • 5 replies
  • 0 Likes

MineMeld engine:fatal message

I'm getting the below message in my minemeld logs and not sure what is causing it  

 

2018-07-11T00:30:28 (16652)config._destroy_old_nodes INFO: Destroyed nodes: [_ConfigChange(nodename=u'Amazon_IPv4_Agg_General', nodeclass=u'minemeld.ft.ipop.Aggrega

...

Supressing Application Dependancy Warnings.

On our "SKYPE" rule I have removed web-browsing, this causes dependancy warnings on commit.

 

I read this "solution"

 

https://live.paloaltonetworks.com/t5/Management-Articles/Application-Dependency-Warnings-with-Allowed-Enabler-Application/ta-p/55142

 

Bu

...

"Top Domains" report?

I think I've asked this but can't find the thread.  What is the recommended way to get some kind of "Top Domains Visited" report?

Everything seems to default to rdns of the endpoint which is not much use sadly with cloud/online content providers i.e.

...

Panorama Disk spare alarm.

HI All expert

 

my panorama M100 having an issue with disk space 95% in used need to clean up. I tried to delete all the core file and all the software and patching download but the Alarm still remain.

 

Tried to monitor few days but it's still there....

...

Disk space.JPG
Nono by L1 Bithead
  • 1677 Views
  • 1 replies
  • 0 Likes

Resolved! anonymize usernames in reports

Hi,

 

I was wondering if we would have the option to anonymize our monitoring reports.

with anonymizing reports I especially mean by graying out the username or change it by ip address in automated / schedulded report

 

Thank you in advance

rtruyers by L0 Member
  • 2505 Views
  • 1 replies
  • 0 Likes

Firewall rules - strange suggesttion

Hi

 

I gave a rule that allows snmp-trap messages to my SNMPD server.  for some reason PA complains that SNMP-TRAP needs SNMP-BASE.

 

Now if I add in SNMP-BASE this is going to open up port 161 where as trap uses 162.

 

So why do i need SNMP-BASE

Resolved! Order of preference of source for user and ip mapping

Hello All

 

If same user information is coming from AD and from other source like Cisco ISE syslog messages then which one takes preference in firewall?

Also who can I verify that both sources are sending user/ip mapping? As I always see source AD using

...

  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels