Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- ›
- About FWPalolearner
About FWPalolearner
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Monday
76Posts
0Likes
0Solutions
Jan 18, 2021Last Visited
User
Activity
User
Profile
Latest posts by FWPalolearner
| Subject | Views | Posted |
|---|---|---|
| 76 | Monday | |
| 98 | Friday | |
| 116 | Friday | |
| 177 | a week ago | |
| 201 | a week ago |
User Badges
Public Statistics
| Date Registered | 02-18-2020 01:46 AM |
| Date Last Visited | Monday |
| Total Messages Posted | 76 |
Monday
Hi I have a question . Currently PA 3020 cluster we don't have ssl decryption enabled . We plan to do it in March However , if we enable all other security features like AV,Antispyware File blocking , Vulnerabilty Protection , Wildfire etc , it wont be fully effective as all these Security profiles cant see what is going inside SSL unless we have SSL Decryption ? Even URL filtering Profile wont be effective , for example there is restricted website but using https and we block the category , it wont be effective as we are not doing ssl decryption ?
... View more
Friday
yes i tried PE— http://wildfire.paloaltonetworks.com/publicapi/test/pe No log Do i have to run below command debug software restart process vardata-receiver Does this has any impact on firewall ?
... View more
a week ago
Yes, I have applied AV profile to more than 50 rules and lot of traffic hitting those security rules. I have actually created a security profile group and added all security profile to that group. And I have called security profile group in all security rules. For wildfire profile it is all file types in both directions to public cloud. It's more than 5 hours. It should at least show something informational or low alert.but there nothing
... View more
a week ago
Anyone please. The box is 3060 running panOS 9.0.9. I was reading few forums which suggested to restart wildfire process . Can someone throw more light or anyone face similar issue
... View more
a week ago
Hello , I have created an Antivirus Profile The action i have set is Alert and not default(alert) . Similarly Wildfire Action in AV profile is also "Alert" However when i see Threat Logs and filter by ( subtype eq virus ); i cant see any log I can however see logs for subcategories spyware and vulnerability Also , i cant see anything Wildfire sublmission logs
... View more
a week ago
Hello , We are enabling Security features like Antivirus , Antispyware , Vulnerability protection , Filer blocking etc . We want initially to monitor the traffuc We are putting the action as " Alert " . Just wanted to confirm that it wont block anything ?
... View more
a week ago
Hi , i have 3 question for wildfire 1)If we define wildfire profile , and call that profile in a security rule , only that particular rule will be effective for wildfire analysis and not all the rules in the policy ? 2)Also , as a starting point , we want to limit sending all the file types to Wildfire , is there any initial level Wildfire categories to start with ? 3) Also , i dont see any action for wildfire profile , does the action depend upon AV , Antispyware profiles where we also have widlfire action ?
... View more
a week ago
Hello , We are in process on migrating port based rules to APP -ID but as it is time taking process , it may take us sometime . Can we still enable Security profiles like AV, Antispyware , Vul Protection , Wildfire , Data Blocking ; URL filtering on Port based rules ? Or is there a preq to have APP ID for these features ? we want to start applying Security profiles with less restrictive actions , observe and then take strict actions like reset or block Kindly reply . Thanks
... View more
a week ago
Hi @kiwi Thanks As i mentioned , we are still having few rules where we are using port based and not APP ID but we are in transition phase; I know of Best Practices document ; Is it OK that we apply these security profiles in alert mode as mentioned in best Pratices document and then observe. and later on move to more strict actions Is it OK to apply Security Profiles to the rules which dont have APP ID , will Security profiles work without APP-ID , just asking ?
... View more
a week ago
Hi , We have a customer running a cluster of PA 3060 . The goal is to enable security features on at least 30-40 percent of the rules initially . like URL Filtering AntiVirus Antispyware Wildfire Vulnerability Assessment Are there any Best practices rules which covers or are generic to most ( if not all) organisations ? SSL Decryption is at later stage . The rules where these features are required to be implemented have mostly APP-ID enabled . But how to start with piratically . I have read Best Practices guide but it is more theory . Do anyone has a LAB or sample dump of rule base for each of the above Security features
... View more
Latest Blogs
Latest Posts
Copyright 2007 - 2021 - Palo Alto Networks
