- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
03-09-2023 08:46 AM
Seems like the AIOPS QUIC blocking check is pretty explicit, that a rule is first in list and has application quic. It likely doesn't match on it being in an app group, or further down the list. When I added a quic block rule, it reported as unresolved until i moved it to the top of the other allow rules
.
'It is recommended to have a security rule with application = 'quic' and action != 'allow' before any allow rules to ensure encrypted traffic is decrypted and inspected'
I am also keen to understand the Palo Alto support model for AIOPS. Even though we have the 'Free' version, you have to spend a lot of money on the firewalls themselves to get it, so not really free, some support would be nice.