This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

About fhu_omi

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
fhu_omi
‎05-21-2021
since ‎08-17-2017
L3 Networker
User Activity
User Profile
Latest posts by fhu_omi
View All
My Liked Posts
View All
User Badges
Community Statistics
Member Since ‎08-17-2017 05:07 AM
Date Last Visited ‎05-21-2021 03:51 AM
Posts 47
Total Likes Received 2

Re: HTTP Response Codes

by in Quickplay Solutions Archived Articles
‎03-10-2021 09:10 AM
‎03-10-2021 09:10 AM
Hi,   Additional Infos how easy you can add a Skillet to the existing fw config without external tools.   Add the bold lines to the skillet xml snippet. version depends on your PANOS verison, mine was 10.0.0 <?xml version="1.0"?> <config urldb="paloaltonetworks" version="10.0.0"> <vulnerability> Skillet Content </vulnerability> </config>   Go in the PAN webUI to Setup->Operations->Import named configuration snapshot and import the skillet xmlfile with the additional lines. Change to cli on PAN an enter: load config partial mode merge from-xpath vulnerability to-xpath /config/shared/threats/vulnerability from SkilletXmFile.xml   After that refresh the browser and commit the changes. Thats it   happy day Fhu   ... View more

Re: APP-ID: Target app and Depends ON APPs over more then one Security Rule! YES or NOT?

by in General Topics
‎02-03-2021 12:54 AM
‎02-03-2021 12:54 AM
@BPry    Thanks for your answer, that is helping.   This is just a management/operation decision. I like to create a general internet browsing policy that includes ssl and web-browsing, and then create more specific allowed application entries above that.  If you write "above" then you have the general internet browsing poilcy in the end of the ruleset? Ok, as you said, the position is not relevant with APP ID, only if you have other restriction of the tuple 6 criterias or URL matching criteria. If i understand the flow correct. ... View more

Re: APP-ID: Target app and Depends ON APPs over more then one Security Rule! YES or NOT?

by in General Topics
‎01-29-2021 07:40 AM
‎01-29-2021 07:40 AM
Hi @reaper and @BPry ,   Ok that makes absolutly sense, thank you very much. But what happens if i add in every security rule, the desired APPID and the "Parent APPIDs". For example, two seperate security rules with different AppIDs, like 1. pastebin and 2. github, but both have the ssl, web-browsing as depend on (this is only en example, one of them implicity use ssl). If i add ssl and web-browsing in every rule, but with different URL Filters, because i have to restrict in both rules different SubUrlPaths. How is handling this the firewall?   Is there an advantage or disadvantage, if i seperate depends on AppIDs in seperate security rules?   Because a ruleset should be readable, i think an order is good, if i alway need to search where i allow an AppID, then its difficult to read the ruleset. But i don't know if its a bad idee to build up the ruleset with needed depends on AppIDs first in the rulest and then i go more and more sepcific to the desired AppIDs. The rest of the ruleset is like first rule match, from spesific first to more and more general at the end. Now with AppID is this in my point of view the oppsit and i have to combine both methods.   Kind regards Fabio ... View more

APP-ID: Target app and Depends ON APPs over more then one Security Rule! YES or NOT?

by in General Topics
‎01-22-2021 06:03 AM
‎01-22-2021 06:03 AM
Hi There,   I didn't find a real answer for the question, if its nessessary to add "Depends On" Apps in the SAME security rule or is it also possible to add this in the security rules before?   Example for specific app and all "Depends on" in have to be in the same security rule: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClV0CAK (need to have one of the following apps need to be allowed in the same rule to allow facebook-posting) https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClirCAC (last example in the post) Official Admin Guide, says all depends on Apps have to be in the same rule. PaloAlto guy statement   And in the other side: Not nessessary or recommendet in the same rule: https://live.paloaltonetworks.com/t5/general-topics/app-id-doubt/m-p/344365#M86168 (I would generally recommend not including common dependencies directly in your AnyDesk rule, because it's likely already being satisfied in your rulebase.) If you clone or create a security policy ther is alway an option for "Depends On Application" to add to e existing rule instead only to the same, therefore could it be that this is also intendet to use in this way. (https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/use-application-objects-in-policy/resolve-application-dependencies.html) Also a demo setup, where in rule 1. is ssl and webbrowsing allowed, and in the 2.only github-base, result in that i can access github Because of these contradictory statements and the real experiment I am now very confused.   If it is possible to seperate depends on Apps in a rule before as the target App with this dependencies, like my setup. Then is it that the prove that not first rule matches!   i hope somebody can help   Kind regards Fabio ... View more

Re: MacOs Big Sur HIP Selection

by in GlobalProtect Discussions
‎11-16-2020 07:32 AM
‎11-16-2020 07:32 AM
Hi @MarkBarrett ,   Thanks for the hint. Is this string also on a "real" 10.16.0 System present or is it unique to BigSur? ... View more

MacOs Big Sur HIP Selection

by in GlobalProtect Discussions
‎11-15-2020 11:30 PM
‎11-15-2020 11:30 PM
Hi,   When and how to you add the new macos BigSure to your HIP Object selection?   thx ... View more

Re: Identify Panorama Template Overrides on Firewalls

by in Panorama Discussions
‎08-14-2020 12:15 AM
2 Kudos
‎08-14-2020 12:15 AM
2 Kudos
Hi @BPry  How are local overwrites taged in the xml? I can nothing see, in the exported config, which shows the GUI that something is overwirten localy. Can you help how to identifiy this entries?   thx   ... View more

Re: Custom App for CRL downloads

by in General Topics
‎03-30-2020 04:10 AM
‎03-30-2020 04:10 AM
Hello   I tested this custom APP ID but on PAN 9.1.1 and i think also on 9.0.7 it is not working. As i see, there is a problem in the http-rsp-headers match condition. Without the http-rsp-headers condition it is working. The other way around, only with the http-rsp-headers it does also not working, therefore it seems a problem in the http-rsp-headers condition. I tried to simplify this condition .*((pkix-crl)|(x-pkcs7-crl)|(plain)).* but it does not match. I also tried .*((pkix\-crl)|(x-pkcs7\-crl)|(plain)).* and only pkix\-crl , because my test  response is a pkix one, but nothing, the requests alwys recognized as web-browsing. Any ideas?     ... View more

Re: Steps to Apply Microsoft Patch to Addressed Meltdown and Spectre Vulnerability on Traps Agents

by in PSIRT Articles
‎01-08-2018 11:32 AM
‎01-08-2018 11:32 AM
There is no confusion. Traps is compatible to the patch, paloalto tested it. But Microsoft does not allow to update if a AV is installed in general for this patch. At the moment they do not distinguish between the AV vendors. Perhaps paloalto can set the compatibility flag in future. Or MS would set if they have the information from the AV vendors.   i hope this helped Fabio ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎05-21-2021 03:51 AM
Latest Tags
Likes Given To
Likes From
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks