DNS Format That sent to Arcsight it contain www?

Malicious domain names some of them contain www before domain name like www.xyz.com.

so if there is any solution to define that as domain name only like (xyz.com) to use it in correlation rules.

Why is this traffic allowed when the rule should not allow it?

I am tidying up some rules that were "rush" jobs as part of the initial deployment.

One rule "TEST-VI" was 

SRC ZONE - TRUST  
DST ZONE - Partners
DST Addr - I%%%%%A-VIP

Application - Any

I was going to get rid of this as there is another rule after it

GlobalProtect LDAP Authentication Fails

I have succesfully set up local login for GP but struggling to set up LDAP authentication. The CLI test says that its succesfull, but it fails whne using GP

Any tips please?

Subject Alt: Email for GP authentication

I've been trying to setup this scenario. But I keep getting subject as username on GP portal. 

Is there any trick? Because configuration is pretty simple.

Delete object group, created new obj. group, policies and objects deleted - how to revert back?

Since we do not have any spare Palo Alto FW's and our is production I must ask before doing something wrong...

I deleted object group (that included 2 HA FW's), created new one with the same 2 FW's comited to Panorama, but now the rules and objects a

DROP_UPDATE on Minemeld

Hello Community,

the logs on my Minemeld shows the below error for all that IPs that catch, could you please advice how to get ride of this problem?

Thanks in advance

Global Protect - Clients with excessive failed logins

We've had Global Protect in production for a while now, but it has just recently been brought to my attention that we are having a lot of users locking their accounts out.

The GP client prompts them for their AD username / password. Maybe they fat-fin

HA First time Configuration

Im installing a single Palo at present with the intent of adding a standby unit in the near future. My question is regarding the interface addresses on the standby unit.

What do i need to configure on the standby unit in regards to IP addressing apar

VPN to Azure dropouts

I have searched high and low for this and found a few articles regarding IKE configuration and nothing seems to fix it.

PAN 3020 v7.0.5. IKE 2 VPN to Azure. The VPN works but around every 50 mintues the tunnel drops out for a few minutes then re-esta

different content of backup files.

Hey!

I'm using curl and the xml api to automtically backup the config of my PA-3020:

https://live.paloaltonetworks.com/t5/Management-Articles/How-To-Backup-of-Config-Files-Periodically-without-Panorama/ta-p/77312

However, the content of that file looks