Upgraded to PAN OS 5.0 last weekend, got home from the Ignite Conference and was looking through the Threat Logs and I see a bunch of entries for spyware based on DNS signatures (new feature in PAN OS 5.0). Is there anyway to find out more information about this? I know it says Generic in the name, so I'm guessing this is a broad category. It would be nice if there was something similar to the Applipedia for these new DNS signatures. Thanks for any suggestions, I am going to try and dig deeper into the the box that is throwing those log messages.
Is there currently any explanation of what the 'Categories' mean e.g. difference between Generic and Trojan-Dropper (the two I've seen so far, though I know the latter at least is fairly obvious!).
It would also be nice to be able to split the policy and block some and not others (based on category etc).
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!