List of domains to allow for in-flight WiFi

Hi all,

I've been working with a number of customers lately who have been trying to gather a list of in-flight wifi domains that they need to allow as GlobalProtect Enforcer exceptions and I thought I'd share them here. I'd also ask that you please

User's traffic not hitting correct security rule.

We're running into an issue where a rule that is meant to update anti-virus protection on port 443 is slipping through and being caught by a lower rule which denies any application and service. (Hardware: PA-5050, OS version : 8.1.6).

As far as the se

Firewall WAN Zoning configuration best pratice

Hi, If the customer environment have 3 different internet service provider. Should I got 3 different zoning or just configure 1 Zone for 3 different internet service provider.

BPA for NGFW and Panorama

Hi Team,

Without Strata Cloud Manager access cant we do BPA?

Here in the below link we can do it for free is what it says.

https://docs.paloaltonetworks.com/strata-cloud-manager/aiops/best-practices-in-ngfw/on-demand-bpa-report

How to get access to

transfer the vm panorama to the nutanix

Hello

Customers are using VM Panorama for VM-ware.

Sooner or later, however, the customer will replace the vm-ware with a nutanix.

VM Panorama version : 8.1.6

VM Mode : VMWare ESXi

1. Can I get an image of a VM Panorama in use and use it in Nutanix?

2. W

How EDL Tor Exit IP Addresses is updated?

Hello,

I have noticed the EDL Tor Exit IP Addresses includes only over 1200 entries and the total list of exit nodes is over 12000:

https://www.dan.me.uk/tornodes

I was wondering based on what criterion Palo Alto is updating the EDL. Does anyone

Activating Trial license to extend PaloAlto working environment

Hi, community

Does anyone has any experience Activating "Trial Licenses"?

If let's say our support for PA-FW ends in 10 days and we would like to extend working-period is it possible to use "Trial Licenses"?

I know we can use them only once, but we d

Integration of SIEM Instances with Load Balancer IPs

Can we integrate two instances of the SIEM, given that both IP addresses belong to the same SIEM but are associated with load balancer IPs? However, if we integrate both instances, there is a slight chance of data duplication. What would be the best

Export Codes - HS/ECCN/CCATS

Hi, 

I'm looking to obtain the export codes for some Palo Alto Network products.  Can anyone point me in the right direction to obtain these?

Thankyou, 

Port Hopping - Is it for defence or Attack ?

cryptographic secure erase with NIST 800-88 guidelines

Query:

We would like to know if PA firewalls have cryptographic secure erase that complies with NIST 800-88 guidelines.

Ref:

https://www.stellarinfo.co.in/bitraser/ppc/nist-compliant-data-erasure-software.php?gad_source=1&gclid=Cj0KCQjwsoe5BhDiAR

User-ID Agent Timeout Triggering

I'm going through implementing a special 'modified' SP800-171R2 control list and I believe I can achieve satisfying controls such as 3.13.9 "user session timeout/terminate external access etc etc" control with the UID timeout function.

If I tied ex

When I press "Connect" button nothing happens

Installeds GlobalProtect 4.0.4-9 on my Mac. When I press "Connect" button nothing happens. I'm blocked, please help!

Alert when XSOAR doesn't fetch incidents for a certain integration.

Is there a way to receive an alert when no incidents are fetched in XSOAR for a certain integration for by example 24 hours. Not related to integration issues but if the integration works but nothing is fetched? 

Would be beneficial to know if there i