Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hello Experts
Is it OK to to put application specific and port any in the security policy, specially if ports are dynamic like SQL DB?
Regards,
GR
My question is in regards to testing our enclave. I have an entity that probes/tests/scans our enclave for thousands of vulnerabilities per IP. I stopped the entries in the traffic-log by creating duplicate security rules with logging disabled. Ho
...
Hello Experts
I would like to create firewall rules from script to generate CLI commands. How to push these commands from Panorama to firewalls?
Regards,
GR
Hello Experts
I have more than 100 policies on PA firewall with service ports and application any. Manually identifying the application for each rule from logs and creating the rule with specific application on top of that rule, is really time consum
...
Hello,
I'm in the process of preparing two PA200s for our satelite sites. We are using Panorama to configure all of our firewalls and I'm trying to keep all my configs in the templates but am torn when it comes to the VPN configuration.
My main co
...
Hi All,
I have a question for you related to "Global Protect Client".
On the endpoint I have a certicate installed, that is trusted by PA firewall imported from an internal CA.
With this certificate it's possible when connecting to the "Global Protect
...
What would cause the data plane that has been running aroun 25% start running at 35-40%? Is there away to track down the reason
Hello Experts
Can we group the security policies like all AD related rules in one group. This functionality is there in Juniper NSM and checkpoint. I am wondering how I can achieve this in PA. May be through tags?
Hello Experts
Could anyone suggest the best way to name security policies as per their experience?
Regards,
GR
I am tring to move the /opt/minemeld/local/config directory to a new image of Minemeld I have running in AWS. I can scp the config directory out of my exisintg Minemeld using winscp but when I try to copy it into my new Mindmeld image it always abor
...
Hello Experts
I was just wondering how firewall session is created for inter-vr communication. I have scenario like this:
Interface eth1/1 (Trust-VR) Trust Zone ---LAN (10.10.10.0/24)
Interface eth1/2 (Untrust-VR) Untrust Zone ---INTERNET
In Trust-VR,
...
Hello
I have scenario like firewall is connected to two routers R1 and R2 through eth1/1 and eth1/2 interfaces respectively. From firewall, traffic is going through R1 via eth1/1 interface and return traffic is coming through R2 via eth1/2.
This is
...
Hello all,
is palo alto is capable of detecting password bruteforce attempts on windows login, for example, if a user put the password wrong many times while he was trying to login to a machie inside a company, is palo alto capable of detecting this
...
Hi,
this is the scenario:
- ISP1 : only for GlobalProtect
-ISP2 : only for Internet access
ISP1 has distance 10 and metric 10
ISP2 has distance 10 and metric 15
in this scenario the ISP1 interface responds to Global protect gateway/portal no problem. A
...
Just some feedback to the Palo Alto team.
This is the first time I've seen it reported this way, but the recent CVE reporting I think could be been conveyed better. The text was crammed together and written in a Menlo 8.5 script so it wasn't the ea
...
reaper
on:
GlobalProtect Android version 13 issue
reaper
on:
Replacing PA-5220 with a PA-3410 and need the best practice to migrate over configuration
aleksandar.asta
aleksandar.asta
reaper
on:
DNS Security cloud query timeout.
reaper
on:
cli "show" match case insensitive and pipe
