03-29-2018 11:34 AM
Hello,
I currently have one rule, that pertains to one inside and one outside host. I have a few profiles added to the rule such as a/v, spyware, vulnerability and file blocking. I dont see any events in the Threat monitor nor my Syslog server so my assumption is all is well, no threats detected? Is there any other way to confirm the firewall is performing the checks in the profile?
Thanks
03-29-2018 03:43 PM
As long as the traffic is communication across the rule that has your threat profiles applied then it should be filtering. I would search the destination and source address and verify that the traffic is not hitting any other rules first.
04-02-2018 11:01 AM
Yes traffic is flowing. Wish there was some other level of verification regarding the applied threat-profiles
Thanks
06-08-2018 01:16 PM
There are a few sites out there that will test it for you from the Internet IN.
Or go out and find an EICAR - eicar.org
06-14-2018 09:38 AM
You may also refer to https://www.paloaltonetworks.com/documentation/81/wildfire/wf_api/get-wildfire-information-through-t... to pull some test files through your firewall to generate threat log entries
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
