Url Filtering for all subdomains except one specific one

Hello,

Is it possible to block all subdomains, except for one specific subdomain, via URL filtering?

For example block *.yahoo.com, but allow sports.yahoo.com

Thanks in Advance for any advice.

Cybersecurity Thoughts

Hi,

I have recently read many Plao Alto and TrendMicro research articles, predictions and reports on subject of cybersecurity. Regardless of personal opinion there are possible catastrophic results that could happen in case of abuse of certain sectors

PA-5220s Active/Passive HA with Single VWire but multiple vSys's and Zones

Hi folks

Have pair of 5220s in Active/Passive HA. I'm reading that multiple zones cannot be used on VWire, well actually i'm finding that documentation not so clear and it could be functionality added in later releases of code.

Anyway let me try to e

UserID Factor Completion Time - Bad Data

We are seeing some random UserID entries being fed into our firewall that have a Factor Completion Time of "1969/12/31 19:00:00"; these always have a timeout of "0" so effectively kill the user mappings for that user.

Has anyone seen this before?  We

Zone protection - alert only

I have been investigating zone  protection and DoS protection for awhile now and I think I would have already implemented it if you could configure all the settings to alert when you begin testing.  

H/A Clustering Query

Hi,

I have a query regarding H/A clustering, I potentially have a requirement for H/A clustering with 3 firewalls and not just 2 (i.e. Active/Standby or Active/Active).

I believe that presently a 3 firewall cluster is not currently supported however

Data Plane high PA - 5020

i have problem about data plane, and the TAC say : packet rate is high, but i cannot find, how much PA-5020 can handle packet rate maximum.

i use command "show system statistic sessio" packet rate is 130K - 150K and dataplane 77% at 11:00 AM, but i se

Block recently registered domains

Is anyone successfully blocking domains that have been registered recently (last 30 days)? My testing has shown in the last three days, 380k domains have been registered. My PA-3020 capacity for External Dynamic Lists only supports a total capacity o

Dynamic NAT

We are moving NAT from the routers to the firewall (5050), the routers do not release the session's efficiently so we are constantly running out of IP's in the pool. Is there a rule of thumb for the number of IP's to sessions on a PAN 5050? We run at