i search a easy way to see who is surfing on witch web site. where is it and how can i automatically write it to our file server oder any where else to?
So my dream is to put our proxy out of order.
the PA is connected to LDAP i can see a user but no way for easy seeing with site will be connected to.
You have to have URL profile added to security policy that matches traffic.
All categories should be at least with "alert" action.
Allow action permits but does not log.
Palo can replace proxy. All you miss is content caching (but nowadays with dynamic websites it is not important) and URL rewrites.
And if you want to export the data then Device > Scheduled Log Export gives you option to export URL filtering log nightly to FTP or SCP server.
In the stirctest sense the Palo firewall cannot replace a Web Proxy. It can replace a web content filtering service.
Web proxies can perform URL re-writting, among other thing, and are a true MITM that afford significant caching of content. Like Raido has described if all you're wanting to accomplish is WCF replacement the the palo can 100% replace that appliance.
@clonesheep This should be what you're looking for:
Essentially you just need:
a URL subscription service and a URL profile applied to the desired security policy. There are tons of other variables though that might needed to be added or tweaked based upon your desired controls.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!