General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

SSL Decryption and Zoho Assist?

Does anyone have issues working with Zoho Assist with SSL Decryption enabled?

Does Zoho Assist do certificate checks at the client side?

skype for Business issue

Hi ,

I'm facing issue with skype for business through paloalto. very bad quality, it's not BW issue because we check it even at night.
any one support more with this subject.

Enabling TLS 1.1 in Decryption profile always allows 3DES even if unchecked

Scenario:

Decryption profile for traffic from the internet to GlobalProtect IP along with an SSL/TLS Service Profile for GlobalProtect, both set to TLS 1.1 or above; Decryption profile has 3DES unchecked.

PA-5020, 7.1.10

Scans from sites like ssllabs.co

...

Resolved! Malicious file not getting blocked

Hello,

An email attachment has been classified by Wildfire as malicious. However, it was not blocked and just an alert was logged.

Below are two screenshots from the Wildfire submission and threat logs.

Any idea why has the Vulnerability Protection cl

...

Resolved! Package Fetch/Repository Problem

Taken from the install guide, but is this still the correct repostitory:

:~$ sudo add-apt-repository "deb http://minemeld-updates.panw.io/ubuntu trusty-minemeld main"

:~$ sudo apt-get update

Hit http://security.debian.org wheezy/updates Release.gpg
Hi

...

Altering Cloned Template Changes Original?

I've been working with one of my customers on enhancing security across their firewall deployment.

After creating a template in Panorama including management hardening and protocol hardening configurations, they cloned the template so they could appl

...

Traps - Upgrading agents not working

Hi,

We are trying to upgrade agents to version 4.0.3 but its not working. Its failed. I attach an image.

How can we know whats happening?any logs???

Minemeld administrator rights

Hello,

I found how to add a new administrator. But I want this new administrator to get only read access on everything and write access on a miner - in order to add indicators (IPv4 and URL) on it.

Do you know if it is possible ? and how ?

Resolved! How To Add Output Feed Parameters When Using Autofocus Hosted Minemeld

I have a output feed that is serving up a list of URL's but I need to have http:// and https:// removed from the feed. It looks like I can use the ?v=panosurl output feed parameter but I am missing how to go about this when using the Autofocus hoste

...

SSL Decryption

Hello,

I have a PA-VM running on a ESX server.

I want to set up SSL Decryption on it using a SUBCA certificate chain signed by a PKI (windows server).

I check boxes "Forward to trust/untrusted certifcate"

I export the SUBCA to store it on a client machi

...

Resolved! Minimal System Requirements for Minemeld

I need to know the minimal system requirements to run Minemeld on Ubuntu 14.04 LTS.

How big does the HDD need to be and how many CPU's and RAM is needed minimal ?

Incorrect GeoIP location

Hi,

It came to my attention that our IP address: 94.23.154.203 according to paloalto geo database appears as it is located in Russian Federation, whereas RIPE and ARIN, NIC, maxmind and others state correctly it is a United Kingdom based IP address.

T

...

Resolved! IPSec VPN Tunnel - Tunnel interface IP address use?

Hi folks,

I am being asked to setup a new IPSec VPN Tunnel and one of the questions from their "worksheet" is what our Tunnel interface IP address is.

We have several IPSec VPN tunnels, each with their respective Tunnel Interface assigned. Most of t

...

App-ID for Tcp/1911 and Tcp/4911 used by Tridium Niagara

We are trying to add rules for Tridium Niagara application. What will be app-ids for TCP/1911 and TCP/4911? Thank you for you help.

Security policies & Schedules.

Hello,

Just a quick question. Unsure if this has been asked previously.

When applying a non-reoccuring schedule to a security policy, I have noticed in pan 8.0.x, once the schedule has expired, the policy in the security policy view does not ident

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

SSL Decryption and Zoho Assist?

skype for Business issue

Enabling TLS 1.1 in Decryption profile always allows 3DES even if unchecked

Resolved! Malicious file not getting blocked

Resolved! Package Fetch/Repository Problem

Altering Cloned Template Changes Original?

Traps - Upgrading agents not working

Minemeld administrator rights

Resolved! How To Add Output Feed Parameters When Using Autofocus Hosted Minemeld

SSL Decryption

Resolved! Minimal System Requirements for Minemeld

Incorrect GeoIP location

Resolved! IPSec VPN Tunnel - Tunnel interface IP address use?

App-ID for Tcp/1911 and Tcp/4911 used by Tridium Niagara

Security policies & Schedules.

Does Palo Alto provide free exam vouchers for their customers?

Is there any way to apply multiple interface management profiles

THREAT MAP on GUI is unable to export

GlobalProtect Machine account exists with device serial number config

Identifying Source IP Addresses for Routing Palo Alto Firewall Logs to an Azure Collector via IPSec Tunnel

Re: CLI - Basic to Advance PAN-OS 11.1

Re: IP Wildcard Mask Address Objects

Re: What is still missing or needs to be improved in PA Next Generation Firewalls ?

Questions about PAN-303959

Re: Access problem Autoassist

Unlock your full community experience!

Resolved! Malicious file not getting blocked

Resolved! Package Fetch/Repository Problem

Resolved! How To Add Output Feed Parameters When Using Autofocus Hosted Minemeld

Resolved! Minimal System Requirements for Minemeld

Resolved! IPSec VPN Tunnel - Tunnel interface IP address use?