General Topics

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

is there autofocus artifacts miner

Hi,

I am looking for autofocus artifact miner, and in minemeld app, I found "autofocus.artifactsMiner".

But when I check my vm ubuntu, I could not find it.

How Can I copy and re-use this "autofocus.artifactsMiner" to my ubuntu minemeld ?

Thanks

...

Resolved! NAT configuration - DMZ zone to Trust zone

I've had a total brain fade, and am unable to figure this out. Hoping you guys can help.

Network topology is relatively simple. Firewall has three zones - outside, inside and DMZ - DMZ has a /25 of "real" Internet addresses on it. Outside has a /30,

...

Tcp service report for rules

Is there a report that I can run that will show me every rule that has tcp service applied? For example let's say migration tool is not an option and I do not want to scroll through 3000 rules to manually look. Or can I can export all rules and someh...

Restrict Any Any from Security Policy

Hi There,

At one of our sites we fell vicitim and have the dreaded any any security policy in place. We are trying to determine the best course of action to lock it down.

Would I create tap firewall ports and span all the traffic, then create new rul

...

DOS protection rule

We are thinking of creating a DoS rule and I was wondering what the group thinks of this rule and what affect it would have.

Resolved! Content s and Apps Updates

We have two 3050 units managed by Panorama. I have two related questions: What is the difference between Apps and Contents in Dynamic Updates? If we have a support contract for the firewalls and Panorama but don't subscribe to Antivirus, Threats and

...

Moving from a single PA500 to HA pair of PA820

As the subject states we are single PA500 shop now moving to Dual PA820 in HA.

What can I expect when moving to this type of setup coming from a single FW setup.

Is there anything I need to look out for any "Gotchas"? So far I know I am using 5 copper

...

Resolved! Panorama import config of firewall

Hi

So setup my HA cluster woo hoo. So now I have setup panoram

I have gone to managed devices and added in my 2 PA from above - by serial number, I can see then, I can change context into them. I went to each PA and add in the FQDN for the panoram i

...

Resolved! Where are the administrator access logs on Panorama?

In Panorama where are the adminsitrator access logs? I.e. if I want to see when a adminsitrator user last accessed the system. I know where that is on the PA firewalls, but on Panorama??

Does "rate severity" add context to the value from interface counter?

When one is looking at interface counters, does "rate severity" provide context for the "value"?

Since in some cases 1000 drops is not a big deal while others it may be.

name value rate severity category aspe

...

Resolved! forward logs to panorama without managing or on-boarding firewalls in panorama

I am looking for the best solution on forwarding taffic and audit logs to a Panorama without registering the firewalls in panorama. The goal is that Panorama should not manage those firewalls as they are in lab environment but would collect logs only

...

Outbound decryption and PAN-OS 8.0.2

we recently upgraded from PAN-OS 7.1.10 to 8.0.2 and some (but not all) websites are no longer decrypting

For instance, gmail doesn't decrypt anymore and we have a rule that allowed that application. Since that traffic isn't decrypted, it comes up as

...

Resolved! Consuming mind meld feeds on Firewall

Hi,

I have minemeld running on Azure and it processes and creates feeds as I would expect and can view them in a browser. The only change from the inital Azure build I have done is to install my own go-daddy SSL cert so out the box browsers will tr

...

Resolved! Failed to Fetch Packages

Getting error while executiing

sudo apt-get update && sudo apt-get install -y minemeld rsyslog-minemeld rsyslog-mmnormalize

Error

Failed to Fetch http://minemeld-updates.panw.io/ubuntu/dists/trysty-minemeld/main/binary-amd64/packages 403 For

...

Resolved! GP Access Routes

Is there any way to negate adding a prefix to the GP Access Routes? We have an app that we don't want to change the communication path when a machine connects with GP. So if it was accessing this app through an external method it should remain that w

...