Palo Alto blocks legitim applications

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Palo Alto blocks legitim applications

L0 Member

Hi everyone,

We have defined Risk App block rule which contains the app by risk category, characteristics and vice versa.

After upgrading PA to 10.1.5-h1 version it starts to block ssl, web-browsing, google-base, whatsapp and other apps which are not among apps which is blocked by my defined rule.

I'va looked for matching apps in app filters, but there were no apps which PA is blocked incorrectly. I assume that App Filter rule does not work properly.

Device is PA-820, PAN OS version 10.1.5-h1. Latest app and threats db is installed.

1 REPLY 1

Cyber Elite
Cyber Elite

@OGasimli,

That's not really a lot of information to go off of in your post if I'm being honest. How exactly do you have the application filter setup? When you look at the denied traffic does it transition from a blocked application to a know app-id at all? Without knowing how the filter is actually configured, it could be acting exactly as configured or it could not be. We'd need to know the actual filter to look into that more.

The only thing that I can say at the moment is that I haven't encountered any issues with our existing application filters when upgrading from 10.0 to 10.1, so I wouldn't expect this to be a bug. 

  • 1806 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!