Next-Generation Firewall Discussions

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

Newly-Registered-Domains

Hi Everyone We recently implemented Advanced URL filtering at our University, one of the categories we have blocked is Newly-Registered-Domains, we created a custom URL group and implemented dynamic lists for the infosec team to add exceptions and put a good process in place. The issue we seem to have is that we now face a challenge with our...

Palo Alto HA firewalls like for like replace

Hello Guys, I have a project to replace palo alto with another two palos they are configured as HA and i want to get all the cli commands in one go and past it into the new firewalls ? will that work? who knows what is the command that we could do that please?

Action is Reset Both in traffic monitoring

The user was trying to access the Proofpoint links it is not accessible in the firewall. We could see the action is reset both in monitoring and a session end reason is policy-deny and checked the threat logs but we couldn't see any logs in the threat. could someone please help me to understand the issue

The panorama encountered a commit failure: "failed to create sdwan cluster meta file: object of type 'NoneType' has no len()"

Hi team, While configuring PanOS SD-WAN, I successfully added the firewalls as managed devices to Panorama and installed the SD-WAN plugin version 3.1.2. Subsequently, I included the devices in the SD-WAN configuration, activated BGP policy for automatic creation. However, an error has surfaced in the process. ---------failed to create sdwan clu...

How to check if a specific port/servic is getting passed throgh the firewall to a specific Public IP address

An IT Auditor stated that SNMP is listening through the firewall for a specific Public IP Address. I have been filtering the network traffic on the PaloAlto 3020 for that specific IP address and also filtering with port 161. BUt Id not see any results except that the 'Deny-Deny' catch all group was being used. That is suggesting to me that t...

My PA-450 is not showing Network activity in the ACC tab

Good Morning! I am not seeing any network activity in the ACC tab for my 450. I've cleared all filters just in case, restarted the management plane, I even failed over to see if it was isolated to the one unit. Both are showing this. When I set the date spans, I see that the 9th is the last time datapoints were added to the display. The ONLY c...

Resolved! UserID domain name wrong

Hey everyone! So, we've recently made the switch from Checkpoint firewalls to Palo Alto ones, and we're still ironing out some kinks in the setup. Right now, we're focusing on setting up app control rules and such. But here's the thing: we've hit a snag with UserID mapping. We're hooked up to our Microsoft Active Directory on-prem, and everyth...

Resolved! Upgrading PAN-OS

Hi all, I will upgrade the PA-3200 from pan OS 10.1.9 to 10.2.7-h3, do I need a base image of 10.2.0 for the upgrade process? because i don't see documentation for the upgrading to 10.2.0 Thanks

Custom EDL List not getting Populated

Hi Community, Have configured EDL IP & Domain's list. Test source URL is accessible but its not showing any entries in the list. In IP list it showing only 0.0.0.0/32 but actual list is not showing. Please advise. Pan OS version: 10.2.7

Study Guide PCNSE in contradiction with the Technical doc.

Hi !, Just want to be sure please, The study guide page 181 mention that to use data port for HA1 link and management port as HA1 backup but it's not what is written in the technical doc... HA1 on Mgt port for PA without dedicated port and a data port for HA1 backup. I guess the technical doc is correct. All the best Ramin

Certificate to secure 100 plus SD WAN PANFW management interface for webui

All I plan to secure web interface for management of PANFW. we use data plane IP to manage all FWs. Is there way to deploy certs to each PAN via Panorama or it has to be done one by one. If any one did this before Please help and share Thank you Daniel

Dynamic User Group Auto Remediation configuration

Zero Trust architecture is the new trend of Security Philosophy based on the principe, never trust and continuously verify trust, which means even if the user is authenticated and permitted to access corporate resources with least privileges using RBAC, he is continuously tracked and monitored to detect any malicious activity, anomalous behavior...

Agcinvokerutility.exe - Adobe Utility

Hi All, Recently our Palo Alto flagged Agcinvokerutility.exe (Virus/Win32.Wgeneric.Eedlvy(624280308)) as malicious. A quick search on the virus signature on Virus total confirmed it to be highly malicious. However, Agcinvokerutility.exe is also a known Adobe Utility which verifies if a valid version of adobe software is being used. Has any...

PA-410 GUI is very slow over IPsec vpn

We are deploying new PA-410,450,440 in remote location. From Head office firewall to Remote location there is an IPsec vpn. When users from HO try to access PA-410 firewall over GUI it took 10 - 15 minutes to load. During this GUI loading data plane interface latency increases for example if i try ping servers in HO location from LAN inside P...

Resolved! Palo alto contact for refund

Is there anyone that knows who to contact for purchased done on AWS. -Palo Alto NGFW purchased on the aws market place If you you know how to go about the refund let us know. Thanks,