Limited Role to disable GP

We are using GP in an always on state.  From time to time our users need to disable it to user another VPN or when things just aren't working.

I would like to be able to allow our help desk to log in to our firewall and only be able to go to Network

Mac prompt for keychain access everytime

Working on deployment of GlobalProtect for our Mac users and running into an authentication issue. Everytime the client wants to connect the user is prompted for keychain access and a password. I have seen this article here

https://live.paloaltonetwo

URL category determined from browser?

I had a website that was mis-categorized and put in a request to have it recategorized. It changed in the next PAN-DB update within the hour, and I was able to confirm that the site was showing the proper category now. I could see the new category be

OpenPhish Feed False Positives 10/07/17 Around 04:00 EDT

We have a URL EDL setup using the OpenPhish miner that comes with Minemeld  (openphish.feed miner) that a deny rule is matching against.  We have never had any issues with it blocking legitimate URL's but a few days ago the deny rule that matches aga

Agentless User-ID Connection to Active Directory Servers give me timout connection error

Hello

plz help me in this problem, Agentless User-ID Connection to Active Directory Servers give me timout connection error, how i can fix this ?

i'm using server 2012

i already followed this link steps : https://live.paloaltonetworks.com/t5/Management-

Captive portal issue

hi

-captive portal is configure for the users 

-on iphone it is working fine 

-for andriod versions i.e it is not poping up the page

-Sign-in to wifi Pop Up is not coming on android 6.0.1, android 5.0, android 4.4.2

-Intermittent connection on mobile app

How to determine DoS Alert, Activate and Max thresholds (Packets/second) from PaloAlto firewall.

Hi,

We have implemented the PaloAlto firewall through which traffic is passing without any issues. Now we want to enable DoS protection and we assume that the current traffic passing through firewall is legetimate.

I need your help to understand and

Get newly added Device in sync with Panorama

I have been manging a PA-500 individually for a few months due to it being on Code 5.x and it not being able to be managed by my Panorama 8.x server. So I have finally brought this PA-500 up to code 8.x, runs like an old three legged dog now, but now

A Summer Question: Craziest Next-Generation Firewall deployment?

You've all been there, right? It's now time to have some fun sharing... Where is the craziest place you’ve had to deploy a Next-Generation Firewall (NGFW)? And – does that bring to mind any NGFW deployment tip to share?

Disabling BYOD VPN when not conncected.

For security of my personal device, I'd like to verify how to fully disable the BYOD VPN software when I'm not connecting.

Also, I'd like to verify how can I be sure I'm running the BYOD version and not some version that has spyware capability?

How to block unknown machines from traversing the network

Hi all. My question is how can I create a rule that blocks traffic from a computer I brought from home as opposed to from my work domain? 

I want to be able to see people that bring their own devices onto the network and then block access to the netw