This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About nugentec
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About nugentec
09-26-2019
6Posts
0Likes
0Solutions
Sep 26, 2019Last Visited
User
Activity
User
Profile
Latest posts by nugentec
| Subject | Views | Posted |
|---|---|---|
| 6346 | 09-26-2019 04:33 AM | |
| 6389 | 09-25-2019 06:54 PM | |
| 11372 | 09-07-2010 07:49 AM | |
| 4402 | 10-26-2009 08:34 AM | |
| 4525 | 10-14-2009 08:21 AM | |
| 9460 | 10-07-2009 12:31 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like |
User Badges
Community Statistics
| Member Since | 08-10-2009 08:12 AM |
| Date Last Visited | 09-26-2019 11:03 AM |
| Posts | 6 |
09-26-2019
04:33 AM
Thanks @SRohatyn! That helps a lot. Any idea about the second part of my question? 1) Start -> S3 bucket is not public-write-able 2) Config Audit starts and does not report any incident 3) During the config audit scan, the user enables public writes on S3 buckets 4) Before the config audit finishes, the user makes the S3 buckets not public-write-able again 5) Will the Config audit show any incident after it completes? Or will it be oblivious to the fact that changes were made during the Config Audit?
... View more
09-25-2019
06:54 PM
Hi, I'm using the Prisma Cloud (previously Redlock). Is there a way I can change the frequency of the scans to check for misconfiguration. Also where can I check the current frequency. Does the scan run every hr or every 24 hr. Is it the same for AWS/Azure/GCP? Also if someone makes a mistake and changes the resources while the scan is going on and then corrects the mistake, will the scan detect what happened during the scan? If I made a blob public during the scan and made it non-public again before the scan finishes, will the scan result show no issues or will it say that changes happened during the scan which were fixed? Thanks!!
... View more
Labels:
09-07-2010
07:49 AM
Hi, I've been looking everywhere and I can only find information on virtual wires being used for path-monitoring in HA. What I'm looking for is if when in HA, do the virtual wires fail over? If they do fail over is there a best practices document detailing how and what type of interfaces fail over? Fail over of a L3 interface makes sense since the new firewall will answer ARP requests for the failed firewall, but how does that work with virtual wires? Thanks, Frank
... View more
Labels:
- Labels:
-
Configuration
-
Networking
10-26-2009
08:34 AM
Thanks for your response Mike. It's what I need to help my manager make a few key decisions. However we are hung up on one of your responses. You stated "There shouldn't be any applications that we have App-IDs for that benefit from allowing unknown traffic." If this is the case, why is unknown-tcp a required application dependancy for applications like share-p2p and bittorrent? If the "unknown application group" is not used to identifiy applications like share-p2p, why is it a dependancy? Can you please clear this up for me? Thanks, FJ
... View more
10-14-2009
08:21 AM
Thanks for getting back to me. For the time being, do you have a list of applications that either require or benefit from allowing unknown-tcp, *-udp, *-p2p? Or in other terms, would creating a policy which allows the "unknown group" traverse the firewall, would it lead to the firewall identifying more applications? Are there any applications that cannot be identified without the "unknown group" being enabled? I need to make a case to my manager to whether or not we should allow the "unknown group" and having a list of applications that benefit from it would help my case. As far as application dependencies, I would prefer to find out either while I'm editing the security rule base or beforehand from a document. I don't care to wait during the commit process. For my team and I its a personal preference. I appreciate your help on this. Thanks, FJ
... View more
10-07-2009
12:31 PM
I was wondering if there is a best practices document for setting up a policy to control particular applications. I've already dug through the Skype tech document which tells to enable unknown applications. Are there any other applications that work better or require unknown applications to be enabled? To take it further, is there an application dependency list available? For example when creating a policy allowing bittorrent traffic out, the firewall prompts during the verification process that web-browsing should be enabled for bittorrent. Is there a document that will say “X application requires Y application to work correctly”. I would prefer not to find out during the verification process. - FJ
... View more
Labels:
- Labels:
-
App-ID
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks