Cortex XDR report template query.

We have created a report template in the Cortex XDR console for endpoint status. The creation was successful, but the generated report only displays the endpoint status in an Excel format. However, we would like to view the endpoint host list status

Dual ISP - ECMP and/or PBF

So may be a 2-part question.  First, we have 2 ISPs both equal bandwidth so I've setup ECMP using IP Modulo do i need to set up PBF, or is that if you don't have equal ISPs?

2nd and the real issue.  One of my applications that is tided via public d

How to Identify If there was an allowed traffic from external suspicious IP in Panorama.

Hello All,

I'm a bit confused to understand the exact process. When monitoring the traffic from an external source ip (malicious one) and checking the logs in Pano see that session end reason was "tc-fin" and type was either "drop or end" with action

Palo Alto Networks Updated Visio Stencils

Palo Alto Networks 2017 Updated Visio Stencils.

::edited by @reaper the official article can be found here ::

The stencils can also be found here: http://www.shapesource.com/palo-alto-networks-visio-stencilsource.com/palo-alto-networks-2

Enjoy

How and when to use ARP-Loadsharing and Floating IP - Upstream/Uplinks

How and when to use ARP-Loadsharing and Floating IP - Upstream/Uplinks

Hello Live comunity, how are you all doing.

In the use cases you can see that the use of ARP Load-sharing or IP Floating, ARP is used thinking in the access to the Gateway vs IP F

How to get PaloAlto to use Local CA certificate instead of self-signed certificate.

On my network, I have a Windows Server CA, a Windows 10 box, and I PaloAlto box.  The PA is currently running Software version 10.1.7.  I have created a PA.csr and sent it to my CA server, and received my PA.cer w/o a private key.  I have uploaded th

Integration Issue - XSOAR Cortex and Splunk SIEM

Hello Community,

I am facing an issue while trying to integrate XSOAR Cortex with Splunk SIEM. I have followed the necessary steps, including providing the IP address of the Splunk SIEM, my username, and password for the SIEM account. Additionally,

Exporting logs

Hi,

I am trying to export filtered logs from the monitor->traffic tab, but I get nothing:

When I click on the export button there is a little window "Exporting logs, please wait.." that is running about 10 or 20 min and some time it never end and som

Enabling IPS on PA-3220

Has anyone been successful with enabling the IPS feature on a 3220 ngfw? We have the appropriate advanced threat prevention license applied, but I am having difficulties getting it enabled and configured.

Thanks in advance!

How to make white list policy on file blocking palo alto

I have Palo Alto PA - 5520 Series

when the user uploads a file, I want palo alto just allow file in jpeg, png, xls, xlsx, pdf type. and blocking other file types.

because my server has an incident, it receive file type phar and php (malicious file) b

IP Wildcard Mask Address Objects

Hey,

This properly confuses me every time I look at it. Is anyone able to explain in very simple terms how to work out what the mask should be?

For example: We have an IP scheme that looks like 10.x.128.0/24 where the x changes for each site. We ha