About BPry

It's pretty important to think through exactly what you actually need to allow access to, as most things Palo tries to narrow down. The best thing is to read what it's actually going to cover either on the firewall in the GUI or by looking at applipedia which makes things a little easier to search through.  ... View more

Okay. Closest thing to that would be the Pan(w)achrome extension for Google Chrome; that will give you basic information such as bandwidth and session as long as you allow it access to your firewall with your credentials. That sounds like something more that your looking for, however it still doesn't keep track of historical information for very long as all; for that you would probably be looking at something like SolarWinds ... View more

If you have reports for application statistics along with sorting by the number of sessions then you can somewhat monitor the number of sessions on your network. I've included a screenshot of how I have mine setup. To the best of my knowledge you can't have a report for the number of sessions. We use the API to pull the output and save it to a text document so that we can somewhat manuanually monitor it if needed.  ... View more

error 577 would indicate that the signature on the driver itself is not correct, I have no idea what error 3 is. I would try to uninstall the agent as a whole and make sure everything actually removes; then try reinstalling and see if that fixes things. Make sure to redownload the agent incase your download is corrupt. ... View more

I don't believe the client itself has that ability; I would love to be proven wrong though.  ... View more

You might want to ask this in the MineMeld discussion forum as the developer actually is pretty active there.  MineMeld itself will auto-update if you allow it to; the OS on the other hand will need to be hardned by yourself and you will need to update and patch it as you would a normal Ubuntu image.  ... View more

If you have already been monitoring total bandwidth usage or application statistics you could get the same information in a more round-about way. ... View more

I'm thinking something changed on your end; I haven't gotten any issues with updating the DB this morning ... View more

Palo's VPN native client is GlobalProtect, it really depends on what OTP vendor you are using to determine if it will function with it. They don't have a Web only client, you would need to use GlobalProtect.  VPN functionality is free as long as you don't go past one Portal and one Gateway I believe that there is no user limit as long as your device can handle it.  Which firewall you should purchase is based on the number of clients; I would really read up on GlobalProtect on Palo Alto's main website to determine if this fits what you are looking to do.    Side Note: If the only thing you are doing is VPN on a Palo product and you aren't going to be using HIP checking, applicaiton ID, or any of the major Palo selling points I'm not sure why you would pick up a Palo product. Setting it to the side of your network and using it as a VPN only device you lose everything that makes Palo products worth the price. In this case I would probably recommend an actual VPN Appliance or a cheap ASA 5505 if it was going to be used only for VPN.  ... View more

I don't know if Palo actually offers this directly (they might) but usually this is something that most vendors would pass off to one of their VARs/Resellers and they would perform the audit. We had one done earlier this year with a company that actually does all of the order prcoessing for our Palo equipment and licenses.  ... View more

Lots of things actually. Do you have more sessions going through the data plane for some reason, did someone install something that is chatting to another zone, are people streaming more media, software bug? I think the first thing to look at would be if your session count is higher than it normally is and go from there.  ... View more

It kinda sounds like you just need to setup the route and then set the next hop to that gateway address. You can do so under the 'Network' tab and clicking on 'Virutal Routers' and then the VR that you are looking for and then just adding a new static route.  ... View more

@AhmedSheta since the Palo Alto doesn't actually see any traffic from local logins; or even for interzone RDP traffic depending on your network setup, this isn't possible. You could setup the alerts through event triggers in group policy and task scheduler but as far as the firewall goes it isn't going to help you much.  ... View more