Our library has a Millenium server, the application is millenium-ils.
It stopped communicating after APP+Threat release 484 installed.
I rolled back to APP+Threat release 482 and it restored communication.
This morning APP+Threat release 485 installed and once again the Millenium Server is unreachable.
Performed the roll back to 482, and it is working fine.
Has any one else seen this?
Based on the version 484 Application and Threat Content Release Notes, there are no changes has been implemented for millenium-ils application on this database. Could you please let me know, is it reflecting in your "deny" traffic logs.
You may expand the traffic logs for the Millenium Server and share with us. From the traffic log viewer, we will come to know if that traffic is getting blocked by any of the security profiles ( as a false positive) i.e vulnerability, spyware etc.
For an example:
Sorry to take so long.
I checked the Threat logs and filtered with millenium-ils and received a /General Exploit Host Webpage/ under the name column.
The signature ID is /37349/ Severity: High.
Under my custom VP profile, High is blocked.
Last week, I opened a ticket with PA, they gathered info.
This morning they got back to me.
They could not replicate the issue.
They are suggesting a debug (FW off-line).
VP 487 downloaded and installed Tuesday night with same results.
I created an exception on my VP profile to allow ID 37349.
This is where I stand at the moment....
Could you please let us know the case ID. To investigate this issue, PAN TAC should take below mentioned information:
---- A full session pcap for RX, TX, FWW, DROP all 4 stages in PAN firewall.
---- Flow-Basic, App-ID Basic.
---- pcap at the soucre and destination as well ( if possible)
---- session details (between source and destination)
--- >show session id xxxx
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!