Is Traffic Pattern / behavior based detection is possible in PaloAlto as in the Cisco,.
In Cisco it works as fallows,.if we have enabled traffic sensor for particular time period it will calculate the percentage of traffic based on protocols as shown below
HTTP - 30% FTP - 20% HTTPS- 50% and this information will be used in future traffic analysis, for eg : If HTTP traffic goes above or below the 30% then it send alerts to administrator and same for the FTP (above or below 20% and HTTPS 50%).
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!