PA-5200 Series in-out latency

Hello Team,

I have referred Datasheet and other documents related to 5200 series, but i cannot found any document which states the latency of firewall in-out

I need to check what is the documented latency for 5200 series firewall.

If anybody kn

URL filtering issue

Hello All,

I have a policy on palo as below:

Source : A --> going to internet --

destination address --> any

Application --> ssl

service --> aplication default

custome URL category -- > allowed google.com

what would be allowed as per this policy

Documentation on the setting "Software Cut Through"

Hi,

   I can't seem to find any info on the setting "Software Cut Through". It's currently set to true on our PA-460. Would that affect the performance of our firewall ?

Thank you,

Antonio

VLAN Interface, Zone and Security Rule

Hello guys.

always thank you for very helpful advice.

I have a question about VLAN Interface on Palo Alto Firewall.

As you can see below pictures, I made VLAN Interface and L2 Security Zone.

also I created security rule which allow internal

Allow SFTP downloads but block uploads

I have a use case wherein I am required to block SFTP uploads but allow the downloads.

I understand we can do this for FTP by creating a file blocking profile , but how can we do the same for SFTP.

PA-220 antivirus db will not show via manual or dynamic updates.

Hi all,

I have setup a PA 220 at home and have all licenses showing as functional.

I manually installed the apps and threats DB successfully. (it is seen under dynamic updates)

I manually installed the antivirus DB successfully. (it is not seen u

Multiple GlobalProtect profiles based on LDAP groups

I have tried multiple searches, but can't seem to find the answer that I am looking for.  I am migrating from Cisco ASA firewalls to a PA-440.  The PA-440 is running PanOS 10.1.6-h6.  On the Cisco we have multiple VPN profiles.  Each profile has acce

NGFW Application catagory

Afternoon all,

Been looking at an application called "SimpleHelp" - according to google ...

" it allows Any technician to log in using the following steps: Open your web browser and navigate to the technician address of your installed SimpleHelp se

how to know which informational level log related with hackers and invasion?

how to know which informational level log related with hackers and invasion?

when this can be found, how to deal with this kind of attack and informational log?

For example, in the past, smart install security incident , there kind of log are not

what kind of logs are security engineers looking for in palo alto ?

what kind of logs are security engineers looking for in palo alto ?

any tutorial and documents mentioned about these?

Unabe to import the custom url category in 10.2.x

While trying to import the custom URL category noticed the process is not happening. Showing us uploading but not happening. Seems it's a bug in 10.2.x.Same is working fine in 10.1.x

How does a firewall/vwire handle ethercode 0x0721

Hi,

we are currently setting up a clean pipe for Cisco ACI setup, so the intra-ACI traffic will pass the vwire, to have basic IPS inspection done.

Our setup is an A/P HA with a vwire.

Cisco is using Layer-2 ping with ethercode 0x721 to check, if th

Migration of PA FW of Different Model

Hi All,

Need to migrate 1xPA220 by 2xPA3020 and 1xPA500 by 2xPA450 with same configuration and connectivity. Can anyone help me what are the precautions i need to take to make migration successful.

Error when exporting using SCP

Hi community, 

When I'm trying to export a debug or dump file I'm getting this output:

          "scp: Failed to open file '/'.
           lost connection"

I tried this on PANOS 10.1.5-h1 and 10.1.6,

Is anybody facing this behavior?