unable to identify attcak and threat on firewall ip

Showing results for 
Show  only  | Search instead for 
Did you mean: 

unable to identify attcak and threat on firewall ip

L2 Linker

Q. our auditor scanned our firewall IP from outside network but we unable to identify and check the attack and threat on firewall ip but able to check on servers public IP in threat option. can any1 suggest where we can check in paloalto?


Community Team Member




To protect yourself from scans you can configure Zone Protection.

The zone protection logs are stored under threat logs.


This  might be useful (p.46 - Zone Protection):

Threat Prevention Deployment


I hope it helps.


LIVEcommunity team member, CISSP
Don't forget to hit that Like button if a post is helpful to you!

L5 Sessionator



Depend of you PANOS version but by default the IntrZone traffic (Untrust to Untrust) is not loggued. Mean no trace in logs.

You need to activate them.

After that if you want to be protected against floods, fragmented packet ... you need to configure both zone protection and / or DOS policy.


Hope help.



And security profiles must be configured.

Otherwise Palo does not scan for threats.

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!