General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Debug TAC commmand

Hi I have a pair of lab boxes and looking to test the debug TAC -login and TAC-response commmands. My understanding ia usually TAC provided a password to unlock the data is it possible to get a test password for my company to use? We do not require T...

Resolved! External email attachments

Hi everyone,

We allow our users to check personal email externally(gmail/yahoo/etc). I'd like to prevent them from downloading attachments from these external emails if possible. Can this be done and how?

 

Reason being, downloading attachments directly

...

Crash28 by L1 Bithead
  • 3339 Views
  • 4 replies
  • 0 Likes

Idea to use Palo Alto for IDS replacement

I have a idea to use the Palo Alto Firewall Vulnerability Protection Profile has a IDS sensor. 

Here is the idea I have what to run this by anyone. Also need help to know if this will work. 

 

Vulnerability
vulenerability Protection Profile
Create a Rule
R

...

Intermittent SSL

SSL traffic stops after about 45 minutes and is restored in about the same time frame (maybe longer). Firewall is not configured to decrypt. HTTP traffic has no problems. Just deployed (test network) low use firewall (3050) running 7.1.7.

 

Tom-T by L1 Bithead
  • 3686 Views
  • 9 replies
  • 0 Likes

Drop_update

Hi,

 

I've just created a new node and I'm seeing events such us: DROP_UPDATE on aggregator type. 

 

My miner has all domain list but the aggregator has this meessge with "drop_update", do you know it??? Why???

 

Thanks a lot

 

SantiBT by L2 Linker
  • 4633 Views
  • 5 replies
  • 0 Likes

Resolved! Proper procedure for updating an extension

I tried this and it seemed to work, just want to be sure it is the right procedure.

 

1. Disable/delete existing extension wheel

2. Upload/activate updated extension wheel

 

Is there any negative impact on the nodes using the prototypes and classes o

...

MineMeld not updating Office 365 IPs or URLs

Hello Everyone,

 

Two days ago I installed MineMeld so that we could use it to "mine" the Microsoft maintained XML for the latest Office 365 IP addresses and URLs.  The first night It appears it worked as expected.  However, I have not been able to g

...

NickD. by L0 Member
  • 4219 Views
  • 1 replies
  • 0 Likes

Upgrading Panorama

Hi Guys,

 

I'm planning my panorama upgrade from 6.1.8 to 7.1.x, before starting with process, i want few doubts to be cleared.

 

1. My firewalls are still on 6.1.8, as per the PaloAlto documentation, after upgrading Panorama, it won't effect firewalls a

...

Resolved! Firewall bypass due to Java/Python FTP Injections

Hi. Reading the article below on firewall bypass I was wondering if Palo Alto Networks by default blocks active FTP connections.

 

http://blog.blindspotsecurity.com/2017/02/advisory-javapython-ftp-injections.html

 

That would mitigate the threat. Anyone

...

BGP routing question.

I have multiple sites (50+ tunnels) doing ebgp with palo alto(VM-100). So PA is learning smaller subnets from all sites which are known to each other by bgp.

Additionally connected aws doing ebgp which is all good. But number of bgp routes advertised

...

Skype, teamviewer and file transfers

Hello community,
I know that this topic was discussed many times, but the issue is still relevant.
Is there any possibilties to block only file transfers in applications like Skype or Teamviewer?
APP-ID don't have these specific subapps and file blockin

...

  • 24182 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels