Lotus Notes decryption

We have a potential customer who would like to analyze email attachments in sandbox. They are using Lotus Notes as their mail application/server. Has anyone tried decrypting Lotus Notes traffic? 

Because if this doesn't work the only solution is a cli

Swapping the roles of Firewalls in HA Pair

Hi Guys

I want to swap the Active/passive roles of the Firewalls in HA pair and let it run for couple of weeks.

I know that can be done by 'suspending the role' from GUI and from CLI too.

want to be careful about pre-emption and donot want to break the

Blocking XPS file types

As of late, Ive been seeing more and more xps file types tied to phishing attempts. PAN does catch it "Microsoft Phishing Site Detection", but as a for production. XPS files are not needed.

But as simlar files types are list to be blocked "pdf's, etc

Minemeld and production installation

 Hi,

I'm considering how to do some of the following, if anyone has advice or links to documentation I'm not finding I would appreciate it:

1. Export the configuration in a way that any local custom miners are also backed up, meaning the restore is a li

what is the best for social-networking category ,Decrypt or no decrypt

Dears

In my company ,unfortunately, allow facebook.com website

we note when do "SSL Decryption" for social-networking category ,There is huge utilization on CPU (Up to 85%)

what is the better for this case as design  : Decrypt Facebook or no decrypt

FW Logging Prefix list

Can any one confirm that when we configured log collector group with two managed log collector (both active and passive Panorama's) and if see the logging status on the firewalls does it show only the Active Log collector or both Active and Passive l

URL recategorization

Hi,

I would like to know how I can receive details on why a URL is placed in certain category and not another.  I have a specific one that I submitted (nbcnewyork.com Palo Alto states is Entertainment and Arts) however the employees submitting this f

NAT allocation during a pool configuration.

Team,

We have a NAT pool configured for one of the ongoing requirements. Is there a way to force this pool to allocate IP address from start to end as per new requests come in?

e.g. NAT pool configured is 10.10.10.1 to 10.10.10.10

IP source is anything

Security Policy not HIT after work for 1 month

I got setup 6 AWS VPC with direct connect connection to on prem panorama, which is working fine for a month, and now suddently all 5 VPC disconnected from panorama in the same time.

i checked the BGP and IKE all established, i can ping the panorama I