Autofocus Minemeld Advantage vs wildfire?

My understanding is that wildfire autoupdates some URL categories within 5 minutes if you have the correct licensing.  With a current wildfire/URL filtering subscription, and without traps on our network, what is the real advantage to autofocus? My u

RSA AM and PA Configurations

Want to know if anyone has configured a PA to use the RSA Authentication Manager yet?  I have seen an RSA document from 2010 that states it can be done.

Guest Access via Captive Portal - problem with page not always appearing

I have set up a guest wifi network with an access point on an ethernet port of the PAN firewall.  The guest wifi network is unsecured.  I am using a web-form to ensure the guests see our logo, terms, and type in the correct password to proceed.

The se

Captive Portal - Terms of Service

I would like to configure my PA-200 in such a way that when the user tries to browse a web site, he is presented with the captive portal. On this page I would like to display a "Terms of Service" banner telling him about acceptable use etc. I do NOT

Captive Portal NTLM and responce page

Hello

Today I configured for one of my zone insted of default-web-form default-browser-challenge.

When I try to open new session on computer that isnt a Windwos AD machine i got:

and when I clicked Cancel:

I'm pretty sure that above message is possible

limitation when monitoring uptime with snmp

Hello Community.

I have an inquiry with which maybe you can help me. This is the situation:

In order to know the uptime I´m using the OID 1.3.6.1.2.1.25.1.1.0 to get the value of object hrSystemUptime. This is a counter of 32 bits and considering it´

panMgmtPanorama2Connected custom poller = Not-Connected

can someone tell me how can we troubleshoot palo alto firewall disconnection from Panorama. I tried to check system logs but there are no enough logs to troubleshoot it. 

logs

FW has lost connection to panorama, no log will be forwarded

Disconnected fr

SSL Forward Proxy Decryption with ECDSA Cert?

Just wondering if it's possible to use an Elliptical Curve DSA cert with CA and Trusted Root to be the Forward Trust Certificate for the SSL Forward Proxy decryption feature? 

Reading about the Perfect Forward Secrecy feature here:

https://www.paloalt

user-ID user mapping problems

Our PA 4.1 has problems mapping entries received from user-ID agent and LDAP queries.

show user ip-user-mapping command produces following output:

192.168.1.1 AD        grybai\vltr12345678

Here grybai is our NetBIOS domain name for domain and  vltr1234

GlobalProtect VPN on a Mac with multiple user accounts - privacy for other users?

I have a Mac with two user accounts (one work, one personal).  I have installed the GlobalProtect VPN client. Can my employer get access to any of the data in my "personal User Account" if I install and connect with the GlobalProtect VPN client when

Block "internet-communications-and-telephony" but allow Skype4Business connections

Hi community

Has anyone of you already had to deal with a request to generally block the URL category "internet communications and telephony" but at the same time allow connections to Skype for Business services of other companies?

The only way I can