DNS Security

lcelinski · ‎04-15-2019

Hello,

Is there any way to turn off the following information after commit on 9.0.1 with Anti-Spyware Profile attached to Security Policy?

I can't delete Palo Alto Networks DNS Security option from Anti-Spyware Profile.

Warnings

Warning: No Valid DNS Security License
(Module: device)

Lukasz

aobszynski · ‎05-13-2019

Try delete it from CLI:

delete profiles spyware XXXXX botnet-domains lists default-paloalto-cloud

View solution in original post

aobszynski · ‎05-13-2019

Try delete it from CLI:

delete profiles spyware XXXXX botnet-domains lists default-paloalto-cloud

lcelinski · ‎05-13-2019

I opened a case and it was escalated developers

aritzposada · ‎05-29-2019

Thank you, this works for me.

You can't delete it from the default anti-spyware profiles, so if you are using them the warning will appear everytime you commit.

I cloned both of them (default and strict). Then I delete that "default-paloalto-cloud" entry from these new profiles and to finish I ensured to change the defaults with the new ones in all the Profiles Groups, Security Policies, etc...

lcelinski · ‎05-29-2019

I got the confirmation from Engineering that it is expected not to be able to delete default DNS options from GUI. You can use CLI. Fix for the warnings during commit is targeted to be released on 9.0.4

rmarlow · ‎06-06-2019

I am trying to do this in Panoramma using the following command but get an error. The profile I am trying to delete it from is one I created and not a predefined one.

delete device-group [device-group] profiles spyware [spyware-profile] botnet-domains lists default-paloalto-cloud

No object to delete in delete handler

aritzposada · ‎06-06-2019

Hi Rmarlow,

Is it possible that this object is in use? Or maybe shared?
Try cloning this object and deleting the profile "default-paloalto-cloud". If this works, it may be because the original object is referenced.

rmarlow · ‎06-06-2019

Thanks for the quick response.

Looking at it again this profile was located in shared so I needed to use the following.

delete shared profiles spyware [spyware-profile] botnet-domains lists default-paloalto-cloud

Many Thanks

HemanthV · ‎07-30-2019

Hi Team

is it possible to share the command to delete the Antispyware profile

jesseivens · ‎07-13-2021

I ran into this issue when I upgraded some VM-500s to 10.0.6. I was able to clone the default spyware profile, which I named "default-no-dns-sec" Then I went into CLI and issued the following commands to delete DNS specific items.

delete shared profiles spyware default-no-dns-sec botnet-domains lists default-paloalto-dns
delete shared profiles spyware default-no-dns-sec botnet-domains dns-security-categories pan-dns-sec-cc
delete shared profiles spyware default-no-dns-sec botnet-domains dns-security-categories pan-dns-sec-ddns
delete shared profiles spyware default-no-dns-sec botnet-domains dns-security-categories pan-dns-sec-grayware
delete shared profiles spyware default-no-dns-sec botnet-domains dns-security-categories pan-dns-sec-malware
delete shared profiles spyware default-no-dns-sec botnet-domains dns-security-categories pan-dns-sec-parked
delete shared profiles spyware default-no-dns-sec botnet-domains dns-security-categories pan-dns-sec-phishing
delete shared profiles spyware default-no-dns-sec botnet-domains dns-security-categories pan-dns-sec-proxy
delete shared profiles spyware default-no-dns-sec botnet-domains dns-security-categories pan-dns-sec-recent

On this firewall I have not "production" traffic yet, so I was able to disable all policies. I enabled 1 with this new profile and pushed from Panorama. No issues with the commit and no more warning. All policies and/or Security Profile Groups will need to be updated to completely solve this.

I do have a TAC case open, so I am waiting for confirmation from TAC on this.

Network Security

Cloud Security

Security Operations

DNS Security

DNS Security

Show your appreciation!