This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4558 Views
  • 0 replies
  • 1 Likes

error in placement of IPS diagram

this picture shows the IPS before the firewall : https://www.paloaltonetworks.com/cyberpedia/firewall-vs-ids-vs-ips#ips BUT in the matrix belowyou state that an IPS is: Positioned right after the firewall, before the internal network.Thanks for the whole page, very educational, but that one discrepancy is killing me, it makes me wonder if I am...

edwardpw by L0 Member
  • 639 Views
  • 0 replies
  • 0 Likes

CPU issues on PA-3410

Hi Team, Need some help with respect to below query: Issue - We are using PA-3410 in our environment. We are monitoring this device using Logic Monitor tool. Our monitoring team states that they monitors CPU and memory utilization for Palo Alto devices using the “show system resources” command using API key instead of using SNMP OID. Our mon...

SSL policy rule and needed match application values

Hello, I have a quick question in regards to SSL decryption and policy match values. If I have SSL decryption, and I want to allow 'facebook-chat' for example, I know a policy rule with the app facebook-chat and it's dependencies 'facebook-base,mqtt-base' is needed. I also understand that the implicit use applications will be allowed through t...

Punite by L1 Bithead
  • 754 Views
  • 0 replies
  • 1 Likes

Please check the Max Decrypt session value of PA-3410.

HelloI'm curious about the number of SSL Decrypt sessions for PA-3410.I could see this on the product comparison site before, but I can't see it now.A customer using Decrypt wants that information.It's not even in the spec sheet or data sheet, where can I check it?- Max concurrent decryption sessionsI'd appreciate it if you could tell me

Rule UUIDs Always Change

Greetings Community! Apologies if this has been answered in a previous thread- I couldn't find anything... When exporting configuration files from PA-3220 I have noticed that sometimes the rule UUIDs are different than the previous config dump and sometimes they are the same. Can someone please explain why this is? What causes the rule UU...

Global Protect Custom Setup

Hi Guys I have 5 separate GP Captive Portals and I want to make a custom setup for all of them separately. I will deploy them separately from the network. Can we change the global protect msi package? I heard it can be done from Expedition, is it true? So how do we add the relevant portal into the msi package?

Fly_Al by L0 Member
  • 671 Views
  • 0 replies
  • 0 Likes

Resolved! Not able to apply QoS profile to interface

I am preparing firewall for interface change, and moving 2 sub interfaces to a separate aggregate ethernet. Current AE1.10, .20, .30, .40 Upcoming AE1.10, .20 AE10.30, .40 I have already created aggregate and its subinterfaces and are disabled, added fake IP/s routes and created NAT rules using new interfaces, to make it easier on the chan...

raji_toor by L4 Transporter
  • 7309 Views
  • 12 replies
  • 0 Likes
  • 1589 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks