Blocking CIDR addresses appears to tax our system, would creating a tag and applying it to a CIDR range be more efficient?
NGFW Panorama
Hello Team,
Just a query - wanted to understand few things related to PA- sessions timeout.
We have a server - which needs to connect to a specific port say 8xxx or 9xxx but unfortunately it requires connection to be established till more that
...
We have a security policy that is mapped to a AD security group. All applications on the policy work besides gmail-base. Users under the AD group are still being blocked. Any suggestions?
Looking for suggestions to unblock NUPKG files, as it is not a populated file (I already tried whitelisting the url it originates from):
The file you are trying to download or upload has been blocked in accordance with compan
Hello!
Guys please advise:
Could you tell me how to calculate used RAM memory? and how to check how much RAM memory has been installed.
M-600
sw-version: 10.1.6
show system resources
KiB Mem : 26297164+total, 2658524 free, 18238251+used, 77930608
...
Hello Team,
I have referred Datasheet and other documents related to 5200 series, but i cannot found any document which states the latency of firewall in-out
I need to check what is the documented latency for 5200 series firewall.
If anybody kn
...
Hello All,
I have a policy on palo as below:
Source : A --> going to internet --
destination address --> any
Application --> ssl
service --> aplication default
custome URL category -- > allowed google.com
what would be allowed as per this policy
...
Hello PA team,
I have configured permitted IP list for my management IP list and I am unable to access my firewall via GUI https or CLI - ssh.
I have enabled - PING , HTTPS, SNMP, SSH on management interface.
when i remove all permitted IP addr
...
Hello guys.
always thank you for very helpful advice.
I have a question about VLAN Interface on Palo Alto Firewall.
As you can see below pictures, I made VLAN Interface and L2 Security Zone.
also I created security rule which allow internal
...
I have a use case wherein I am required to block SFTP uploads but allow the downloads.
I understand we can do this for FTP by creating a file blocking profile , but how can we do the same for SFTP.
Hi all,
I have setup a PA 220 at home and have all licenses showing as functional.
I manually installed the apps and threats DB successfully. (it is seen under dynamic updates)
I manually installed the antivirus DB successfully. (it is not seen u
...
I have tried multiple searches, but can't seem to find the answer that I am looking for. I am migrating from Cisco ASA firewalls to a PA-440. The PA-440 is running PanOS 10.1.6-h6. On the Cisco we have multiple VPN profiles. Each profile has acce
...
Afternoon all,
Been looking at an application called "SimpleHelp" - according to google ...
" it allows Any technician to log in using the following steps: Open your web browser and navigate to the technician address of your installed SimpleHelp se
...
how to know which informational level log related with hackers and invasion?
when this can be found, how to deal with this kind of attack and informational log?
For example, in the past, smart install security incident , there kind of log are not
...
what kind of logs are security engineers looking for in palo alto ?
any tutorial and documents mentioned about these?
PavelK
on:
Is it possible to upgrade PAN OS- 11.0.2-h2 to 11.1.2-h3
