Palo Alto not flagging dangerous/malicious IP addresses as such?

Hi,

Today I sent two requests to get 2 IPs categorized as malicious (Command and Control) to Palo Alto. The IPs are:

45.33.9.234

199.59.242.150

The current category for both of them is: insufficient-content

However, these IPs are being associated with

Strange TCP traffic from PAN Firewall management IP going to Japan

Hi All,

I've noticed an strange event in our network. We have PAN 5020 and other PAN firewalls. The issue is from the management IP from one of them there is TCP traffic going to a Japanese server on port 135 (MSRPC). One of our Sensors detects it as

URL Filtering Implementation Best Practice

Hell everyone,

 I have a vendor that is going to work on deploying the URL Filtering service in our Pan3020 but I wanted to undersandt/learn what the best approach is in order for to come up with an outcome that is manageable once they leave us. As o

RSA TLS crypto attack, ROBOT—short for "Return Of Bleichenbacher's Oracle Threat

Recent article talks about a newly discovered (but old) vulnerability: 

     https://arstechnica.com/information-technology/2017/12/a-worrying-number-of-sites-remain-open-to-major-crypto-flaw-from-1998/?comments=1&start=40 

You can test your links her

Threat ID for Unsafe Characters in URLs

Is there a Threat signature to detect Unsafe/ Illegal characters in an URL? I've searched the ThreatVault but I couldn't find any unfortunately.

For clarity this is what I'm talking about - https://perishablepress.com/stop-using-unsafe-characters-in-

Suspicious Abnormal HTTP Response Found

My customers are complaing that they're not able to open the website www.sligrofoodgroup.nl

Our "Antvirus / Anti Spyware Block Page" kicks in, and in the threat monitor i see it's blocked cause off the vulnerability "Suspicious Abnormal HTTP Response

Update 762 "broke" our PA500

Hi Guys,

We manually updated to 762 today and our Palo immediately started ending sessions with the Resources-unavailable reason.

Reverting the update and restarting the dataplane fixed the issue.

Has anyone else had issues with it?

Regards

Ronelle

performance problem with pa-3050

We have two ISP related DNS servers with each behind a pa-3020.  During peak time we have seen the number of sessions increase to 150K on each pa-3020 so we were concerned that if one DNS server had to take the whole load then the pa-3020 would go ov

Protocol Protection Layer 2 or Vwire

My question would it be important to add protocol protection  in Zone Protection if you are running layer 2 or vwire on you palo alto fiewalll? and if so should it be placed  on untrust or trust or both?

Will IP Region Mapping work with virtual wire?

I have a Virtual wire in production with two zones (external and Internal) Have attempted IP Region blocking with no success. Is it supported with Virtual wire ?

Not all SSL traffic is being decrypted

I configured the firewall to decrypt outbound SSL traffic and installed a local cert I created onto my broswer. When I monitor my port 443 traffic I see some of  it is decrypted and some of it isnt. Is this normal behavior? I thought it was suppose t

Filter Threat logs by profile's name

Hello Community,

customer would search threat logs by profile's name.

It seems on the logs there are no any fields with the name of profile (Anti-Spyware or Anti-Virus or Vulnerability Protection).

Do you know how or if is possible to search it?

Thanks

HP Intelligent Management Center TFTP Server DATA and ERROR Packets Buffer Overflow (35688)

Good Day, everyone needing some help with a threat id number I can not find any information on. 

I am needing to do so research on this threat ID that is showing in the Palo Alto once in a while.  I am wanting to change security profile setting from