Panorama Dynamic Update overlap

Given the best-practices for Dynamic updates here, how do i configure this in Panorama and not have the commit warning for deployment schedule overlapping with 5 mins of another?

Its always going to be the case where Wildfire checking every minute wi

Can I use PAN-OS 8.0.0 to Study for the PCNSE 7 exam?

Hi guys,

I've been looking at getting a PA VM-50 for training puposes but I have been told that the both VM-50 and PA220 ship with PAN-OS 8 and is not backward compatible with earlier versions of code is this true?

Is there any reason I couldn't use

Restricted access to API?

Hi *,

I'd like to know if it's possible to restrict access to the API? (ex: to some IP addresses).

Example: if remote management is allowed from 192.168.0.0/24, is it possible to restrict the API usage to 192.168.0.1 by example?

Is it an option to

Proxy filtering or paloalto filtering

Hi All,

i have proxy in my network which is responsible for all filtering and categorizaing , also i bought a licnese for url filtering on paloalto so, is there any benefit to allow filtering and categoriziang on both ?

or no need for filtering on pa

Decrypting OPENVPN?

Is it possible to decrypt openVPN with SSL Forward Proxy? I'm pretty sure the asnwer is no, but I figured I would ask.

My problem is that I have a Ubuntu Server running openVPN client behind a VM-100. I would like to continue to use openVPN, but I wo

L7 Inspection

Hi All,

i migrated my asa to paloalto , but i can see that all policies are assigned service port but not appliation , so how can i get benefit from from application field ?

how can i transfer all polices from l4 to l7

miners throwing errors

In both cases below, Minemeld is running via hosted Autofocus App.

It appears that the ransomwaretracker miners are running into an error. All three are throwing a "[Errno bad handshake](-1, 'Unexpected EOF'). The source URLs appear to be functioni

Securing Access To Chef Deployment Servers

Currently we have a rule allowing the APP "ssl" from many different zones to our Chef Deployment Servers. I am trying to determine if there is a specific APPID for Chef but been unable to fine one. Since the server team says both port 80 and 443 are

PA200 time out - reason directory / 100%

Hi,

We have a cluster PA-200 with error "Session timed out". I just saw this link

https://www.pickysysadmin.ca/2015/02/08/palo-alto-firewall-displays-session-timed-out-when-you-try-to-login/

I tried to delete all core files but disk space is still in

Windows Server 2012 Terminal Server Agent

So Server 2012 has been out over a year, and neither the standard User-ID agent or the Terminal Server Agent support it.  Has anyone got a workaround (short of using 2008R2 server)?

Why paloalto-updates application is SSL now?

Since 03/April/2017 02:00 Firewall detect paloalto-updates application as SSL then firewall can't update new signatures because there is no SSL allow in policy.This problem occur to my 3 customer now.

Do anyone have the same problems?

Customer 1Custo