This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About linuss
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About linuss
08-18-2015
7Posts
0Likes
0Solutions
Aug 18, 2015Last Visited
User
Activity
User
Profile
Latest posts by linuss
| Subject | Views | Posted |
|---|---|---|
| 2155 | 03-21-2012 02:12 AM | |
| 2961 | 02-16-2012 06:06 PM | |
| 3125 | 02-16-2012 09:18 AM | |
| 3433 | 02-16-2012 01:17 AM | |
| 2426 | 12-18-2011 06:24 PM | |
| 1755 | 09-06-2011 06:45 PM | |
| 1755 | 09-05-2011 09:39 PM |
User Badges
Community Statistics
| Member Since | 02-15-2011 06:38 AM |
| Date Last Visited | 08-18-2015 09:07 AM |
| Posts | 7 |
03-21-2012
02:12 AM
Anyone have final answer? Is it possible to do this configuration? In EDU-201 training, Lab Module 4, there are some steps need students to configure: ------------------------------------------------------------------------------------------------------------------------------ Step 12: Create a new rule named “deny-YouTube-over-FB” Step 13: Configure the following information: ü Source Zone : “Trust-L3” Source Address : Any ü Destination Zone : “Untust-L3” Destination Address : ??? ü Application : “???” ü Action : “???” HINT: Can you do this with one Security Policy are do you need two? ------------------------------------------------------------------------------------------------------------------------------ How can we configure the security policy?
... View more
02-16-2012
06:06 PM
Yes, we can configure the rule by user or group, however it may not be a good idea to allow some users to override our company policy. We want the users can override some blocked applications when needed but at the same time system can log this action or admin can be alerted. I think it is more flexible. I know many other brands FW with application control on the market can configure security rule as 'override' or 'alert'. If at the moment this option is not available on PAN device, I suggest adding this feature in the future release.
... View more
02-16-2012
09:18 AM
rmonvon, thank you for your advice. URL filtering is not a perfect solution for our case. Because the "business" videos are uploaded to youtube by vendors, e.g. http://www.youtube.com/watch?v=TTTbzbiBFfM&list=PL77D49394B6A8FD31&feature=plcp&context=C38c0451FDOEgsToPDskKoh7mooOkmGNbGHjL4-Ecx
... View more
02-16-2012
01:17 AM
We have a security rule: Src Zone: Internal Src User: Any Dest Zone: Any Dest Add: Any Application: Application filter which inlucde all online videos (e.g. adobe-media-player, http-video, tvb-video, youtube-base) Action: Deny It works as expected, however some users need to view some business video now. Is there any option to configure 'override' as action in security? I found 'override' action can be selected in URL Filtering profile, here is part of admin guide: Override - Allow the user to access the blocked page after entering a password. The password and other override settings are specified in the URL Admin Override area of the Settings page. If override is not available, any option to allow users to watch video based on Frequency? Let say 3 hours per day?
... View more
Labels:
- Labels:
-
User-ID
12-18-2011
06:24 PM
Hi James, You mentioned the App-ID will work, do you mean we can see which application (e.g. facebook) was using but the source IP is still the proxy server in traffic log? How about the user-based QOS, it doesn't work with x-Forwared-for neither, right? In PAN-OS 4.0.x/4.1.x, is the same limitation exist? Regards, Linus
... View more
09-06-2011
06:45 PM
We won't open a support case now as PAN-OS 4.0.5 just released. We will repeat the test with 4.0.5 image again. Last update: We can update software manually from 3.1.10 to 4.0.5 with 4.0.5 image now.
... View more
09-05-2011
09:39 PM
We got same problem, our device is PA-2020. 3.1.10 > 4.0.1 manual software upgrade OK 3.1.10 > 4.0.3 manual software upgrade OK 3.1.10 > 4.0.4 manual software upload failed with error "invalid image" 3.1.10 > 4.0.4 download image directly to the device by clicking the "Download" in Device tab, Software. OK md5 checked for PanOS_2000-4.0.4. Switch and redownload for image from another PC, failed with same error. I am sure 4.0.1 image is downloaded to the device before uploading the 4.0.4 image. License downloaded, contents updated to 263-110 and AV updated to 5559-735 .
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
08-18-2015
09:07 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks