10-30-2017 03:58 AM
Hi,
I have some questions regarding the PAN-OS and blocking IP addresses.
We are getting daily emails with lists of IP's that are port scanning and probing th FW. The customer wants all these addresses blocked. For example over the last 2 weeks I have around 60 addresses to add. At the minute the process is to add each IP under objects > Addresses and then add the address object in to an address group object that blocks these addresses.
Is there a better way of doing this? I have found an article on External Dynamic Lists and using an interal web server which looks like a good option.
The other question I have is when I put these addresses in to a blacklist checker most of the come up on external blacklists. Is there a way of using these blacklists to block the traffic instead of keeping our own list?
Thanks in advance,
Luke
