About gafrol

case is open. Need to deliver additional logs, but currently I have no access to the FW. If anyobdy else is having the same problem,pls open a case too.  rgds Roland ... View more

opened support case. ... View more

Hi Todd,  actually https traffic should show up as Application ssl and not web-browsing. In your security policy did you allow application ssl for this test ?  rgds Roland ... View more

As far as I know PAN is not a reverse proxy in terms of a WebApp Firewall. Although it can break up inbound SSL traffic in order to analyze traffic destined for internal webservers.  Roland ... View more

Simply because the "attacker" is our internal Mailserver and I can guarantee it's not compromised nor is this host infected. My focus was to point out that the end system is not vulnerable because it's not Lotus Domino LDAP Service running on it, and therefore it's a false positive. At the Moment PAN just does not know better about the victim, because it lacks the required intelligence.  But I agree with you the attack pattern could still be a match against the IPS signature for this vulnerability, but I don't want to get alerted in the middle of the night just to find out that the system is not vulnerable, not even the right OS or Service for a successfull attack, but the IPS has fired...  From my experience with several other standalone IPS vendors, be it McAfee Tipping Point or ISS, false positives are a pain. That's why Sourcefire for example has partnered up with Qualys to make a more reliable IPS (called 3D if I remember correctly) with less false positives.  I believe that's to way to go.  Roland ... View more

Thanks Benjamin, I have forwarded the request to the local SE.  Roland ... View more

I am aware of this, but I can assure you all this basic networking stuff is working fine on our side.  rgds Roland ... View more

It's not only in Panorama but also on the firewall. ... View more

In my case, setting the value to 60 secs is still ok. ... View more

You are right, after changing "Receive Timeout for connection to Panorama" from default 20 to 120secs the error did not show up again. This change has to be done on the firewall not on Panorama. ... View more

Hi Kelly, ok I understand but I think most of our Check Point minded customers will not like that. The commit button in the upper right implies to apply whatever has been changed in the central management to the local firewall modules, be it in a security policy or a NAT rule etc. Currently I would not call that procedure straight forward and easy... Also this concept is not consistent it depends on the context you are in Panorama. if you are in the device context then the upper right commit button will do the job. Personally from my experience I must say in an enterprise environment with more than just two firewalls, an easy to use and at the same time powerful central firewall management is an absolute MUST.. I see progress in Panorama but it's still a long way to go when I compare it to SmartCenter R75. Something else which is really annoying is the slowness of the web based management. Is it just me or is anyone else complaining about that ? I am using a PA-2020 and Panorama in our Lab and again if I compare it to Check Point it's like night and day... There must be really some improvement from PA. Lately I was showing the Mgmnt. GUI of a PA firewall to a customer, the first question was, is this going to be faster in the next release ? rgds Roland ... View more

Hmmm funny I have checked disk space on our Panorama 4.0.1, the figures don't match ..... ... View more