cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Feature Request List

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎05-15-2019 03:07 PM
‎05-15-2019 03:07 PM

Added FR ID 11012 - Windows Server 2019 support for User-ID Agent

0 Likes
Reply
dannon
L3 Networker
‎06-04-2019 08:23 AM
‎06-04-2019 08:23 AM

Reached out to my SE with these:

 

1.  run a "user activity report" 

in the "Download URL logs" link which open up a CSV file, please in this file include either the original Username or IP address which was entered into the box on the original "User Activity Report" dialog. We are concerned that Lawyers might not hold the file up in court since it doesn't have a username / IP tied to it.  Only the "Download User Activity Report" has that. - FR11763

2.  Log and report search keywords - user typed in suicide into Google - FR6186

3.  Show current interface bandwidth in a dashboard widget. Be able to log over time. - FR4507

4.  Log /report / make a column header the TLS/SSL version detected on HTTPS sites. - FR5678

5.  Allow the GUI to change colors - themes.  Maybe a dark theme?- FR11765

6.  In "Response Pages", have a "Preview" link, so that we can see the page quickly without having to download and open in another browser.  Useful when making changes.- FR913

7.  Allow for more "User Activity Report" customization - pie charts, different bar charts, color, tables, etc. - FR11764
 
Tags (1)
0 Likes
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎06-09-2019 11:20 AM
‎06-09-2019 11:20 AM

Hi @dannon 

 

I have added your FR IDs to the list. And in addition I have some comments:

@dannon wrote:

1.  run a "user activity report" 

in the "Download URL logs" link which open up a CSV file, please in this file include either the original Username or IP address which was entered into the box on the original "User Activity Report" dialog. We are concerned that Lawyers might not hold the file up in court since it doesn't have a username / IP tied to it.  Only the "Download User Activity Report" has that. - FR11763

What abour simply downloading the logs directly from the URL logs?

 

@dannon wrote:

3.  Show current interface bandwidth in a dashboard widget. Be able to log over time. - FR4507

Since PAN-OS 8.1 there is a device health monitoring in panorama which includes bandwidth

 

@dannon wrote:

5.  Allow the GUI to change colors - themes.  Maybe a dark theme?- FR11765

This is already possible with browser extensions (maybe even directly in the browser) by enabling high contrast modes or by changing the css.

 

@dannon wrote:

6.  In "Response Pages", have a "Preview" link, so that we can see the page quickly without having to download and open in another browser.  Useful when making changes.- FR913

Because of the low number of this feature request this one is already pretty old so I think the chances that this (checkpoint) feature will be implemented are not that high...

0 Likes
Reply
benime
L1 Bithead
‎06-10-2019 01:59 PM
‎06-10-2019 01:59 PM

FR-11251: Panorama High Availability: MFA using SAML (Okta)

 

When using SP-initiated SSO from PAN-OS via Okta and SAML, the SSO profile selection is sync'd between Active/Passive. Thus, you can only log in to one of your devices from an HA pair--e.g. if your SAML auth profile and its associated configuration in Okta redirects to the Active device's ACS URL, then you can only authenticate to the Active device. If you initiate SSO from the the Passive device, it will fail because you are redirected to the Active device's ACS URL and the assertion is for the Passive device.

Reply
tforeen
L0 Member
‎06-11-2019 07:06 AM
‎06-11-2019 07:06 AM

We desperately need PANOS to support more than 8 ae interfaces.  We have some large chassis (with multiple vsys) that are embarrassingly underutilized because we can't assign more ae interfaces to them.  This seems like such a minor tweak, but it would help us fully use the hardware investments that we have made.  Please help! 

0 Likes
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎06-11-2019 08:43 AM
‎06-11-2019 08:43 AM

Hi @tforeen 

Please reach out to your SE to have him create a feature request for this. Once you have the FR ID you can post it here and I will add it to the list, so others can see this and vote also for the FR. But as I am not a paloalto employee I cannot create the Feature request for you.

0 Likes
Reply
dannon
L3 Networker
‎06-11-2019 09:52 AM
‎06-11-2019 09:52 AM

Hi @dannon 

 

I have added your FR IDs to the list. And in addition I have some comments:

@dannon wrote:

1.  run a "user activity report" 

in the "Download URL logs" link which open up a CSV file, please in this file include either the original Username or IP address which was entered into the box on the original "User Activity Report" dialog. We are concerned that Lawyers might not hold the file up in court since it doesn't have a username / IP tied to it.  Only the "Download User Activity Report" has that. - FR11763

What abour simply downloading the logs directly from the URL logs?

The boss specifically is concerned about detailed user report - he has a specific need to see all traffic for a particular user.  He says it allows the ability to see "intent".  It's because our HR dept is very wishy-washy and don't want to repremand someone unless there is bullet-proof evidence.  I guess the boss is extending this rationale to a legal scenario.  I don't always agree with the logic, but it's what he wants to see.

 

@dannon wrote:

3.  Show current interface bandwidth in a dashboard widget. Be able to log over time. - FR4507

Since PAN-OS 8.1 there is a device health monitoring in panorama which includes bandwidth

We only have 1 firewall, so aren't going to get buy Panorama.  Would be nice to add a widget to the existing dashboard natively.  I would think it wouldn't be that hard.

 

@dannon wrote:

5.  Allow the GUI to change colors - themes.  Maybe a dark theme?- FR11765

This is already possible with browser extensions (maybe even directly in the browser) by enabling high contrast modes or by changing the css.

I've had other vendors (Fortinet) that allow this natively.  It's not a high priority, but since others can do it, why not Palo?  I just thought I'd add it to the list for the future in case someone else wants the feature too.

 

@dannon wrote:

6.  In "Response Pages", have a "Preview" link, so that we can see the page quickly without having to download and open in another browser.  Useful when making changes.- FR913

Because of the low number of this feature request this one is already pretty old so I think the chances that this (checkpoint) feature will be implemented are not that high...

Understandable, but again, included just to have a request out there.

 

 
Tags (0)
Add tags
 
0 Likes
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎06-15-2019 01:24 PM
‎06-15-2019 01:24 PM

@benime thanks for sharing

FR ID 11251 is added to the list

0 Likes
Reply
OGMaverick
L3 Networker
‎06-26-2019 07:05 AM
‎06-26-2019 07:05 AM

FR ID 11012 looks to be completed as per https://docs.paloaltonetworks.com/compatibility-matrix/user-id-agent/which-servers-can-the-user-id-a...

0 Likes
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎06-26-2019 11:25 AM
‎06-26-2019 11:25 AM

@OGMaverick wrote:

FR ID 11012 looks to be completed as per https://docs.paloaltonetworks.com/compatibility-matrix/user-id-agent/which-servers-can-the-user-id-a...

Thanks @OGMaverick . I have updated the FR ID in the Feature Request list

0 Likes
Reply
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks