How to block Apple services' traffic

We have to block traffic generated from most Apple services, such as update requests, Apple Store downloads, mainly from the services in background.
We need all the steps to do it.

Thanks in advance.

Vulneability SQL Injection

Hi,

we have done some Vulnerability assessment on firewall with PAN-OS version 7.1.8 version. And found below vulnerability for which we are not able to find CVE or solution. Help me to find a solution for below:

Vulnerability : CGI Generic SQL Injec

using cli to enter x509 certs

Trying to use

set template TemplateName config shared certificate "CertName" public-key "xxx

"

I am getting it from a show template . but the string value is multiline so when i try and copy and paste. it fails on the second line

How do I work around t

Citrix Offloading

Hi,

I'm having several problems with suddenly disconnections between users and xenapp citrix through PAN. Looking some information about that I think that is related about ASIC treatment of traffic... Is possible turn offload traffic only for citrix t...

WF-500 - 7000 files\day? That is really the limit?

Hi,

According to wf-500 wildfire appliance document the machine supports 7000 files per day.
In my organization the machine actually scan more then 15,000 per day so how this is really work?
I see that the memory is always around 75% but the Cpu is only...

Traps local analysis behavior

Hi,

Last week we had a problem with TRAPS. We have ESM in the cloud, and we have traps agents in diferente sites. One of these sites had a problem with the internet, so traps could not contact the cloud. The case is that we have executables that trap

Global Protect Authentication

Hi!

I've a scenario where the authentication methods needs to be different for some users connecting via Global Protect. Basically two options needs to be supported:

• Certificate + username/password (LDAP) – Internal users
• Username/password (LDAP) + 2F

vpn site to site (Loosing the pings when ping from one end to another)

hi,

i have setup a site to site vpn between 2 palos . the tunnel is established but when one user from his PC ping continuously to a pc or a server on the other end, it looses 1 icmp after sending 10 or 15 icmps. 

My concern is how do check the credibi

Adult category not being blocked

Hi,

We have a PA in 8.0.3, we have blocked adult URL category in this FW. WE are expecting that users can see adult webs.

For example: If a user tries to go to www.beeg.com, the main web is showed properly, but when user clicks on a video or any part

Integrate Traps into PaloAlto Firewall

Hello

1-i wanna know how i can integrate Traps into PaloAlto Firewall ??

2-Traps work indepently from PaloAlto firewall or we must integrate to it ?

3-ESMCore_x64 that means "Ems Server" ??

Thanks a lot in advaced

Commit icon does NOT unhighlight on 8.0.x for Panorama-VM

Hello Community,

I have been experiencing different behavior with the commit icon (on the top right) of my Panorama-VM GUI since I upgraded from 7.1.11 to 8.0.3 (8.0.2, and 8.0.3-h4 has the same issue).

On PanOS-8.0.x the commit icon stays highlighte

Palo Alto Networks plus Google Chrome prevents embedded video

Struggling with a bizarre video issue with a company we contract with for community videos.  Files are embedded and show multiple errors of this sort:  Mixed Content: The page at 'https://www.elocallink.tv/proofs/prf/' was loaded over HTTPS, but requ

will user-id upgrade will cause an outage?

I am thinking to upgrade userid Current 6.0.4-3 to 7.0.8.

my current panos is 7.1.4h2

will this cause an outage to the users that are already on the firewall?

My understanding is that we will just not going to be able to map new users loggin in to the d