This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About nugentec
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About nugentec
09-26-2019
6Posts
0Likes
0Solutions
Sep 26, 2019Last Visited
User
Activity
User
Profile
Latest posts by nugentec
| Subject | Views | Posted |
|---|---|---|
| 6367 | 09-26-2019 04:33 AM | |
| 6410 | 09-25-2019 06:54 PM | |
| 11396 | 09-07-2010 07:49 AM | |
| 4422 | 10-26-2009 08:34 AM | |
| 4545 | 10-14-2009 08:21 AM | |
| 9488 | 10-07-2009 12:31 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like |
User Badges
Community Statistics
| Member Since | 08-10-2009 08:12 AM |
| Date Last Visited | 09-26-2019 11:03 AM |
| Posts | 6 |
09-26-2019
07:35 AM
I will split that into 2: Audit events are point in time of actions that were made; so if it's in the Cloud Provider's audit logs, we'll catch it when we scan. These are not going away anywhere. Config changes: this is highly dependent on many causes. If we just got the bucket output from its API, then till this scan finishes on that account, we have a specific status on the bucket from that API. Once we touched it, other changes should only be known to us in the next scan. I hope this helps.
... View more
04-23-2013
09:16 AM
- You can use the straight cables for vWire connections. You will need cross-over for HA connections between PAN (PA-5000). I can make out that you have ASA HA pair. How many router or connections from router that you have? Check thread as well where we had similar discussion.
... View more
11-10-2012
01:58 AM
I guess the appid's regarding these findings were updated (but I agree would be nice with a reply from a PA representative on what happend in these particular cases). Today I would guess installing PANOS 5.0 (or newer) is the way to go to deal with dependencies. Because one of the new features with PANOS 5.0 is that it will handle dependencies when needed. For example allowing x number of packets for a dependency appid and unless the traffic is being identified as the appid you specified (within this range of x number of packets or so) the session will be closed/dropped. The part to worry about is how many packets will be allowed "under the radar" (and how to notify the admin what he/she is about to do when creating such security policy). Today if you wish to allow facebook you must also statically allow web-browsing (if im not mistaken). This doesnt mean that all http traffic are allowed (because other appids like youtube etc will trigger if identified since a session can only have one appid at a time) but it means that all http traffic which doesnt match any known appid will be allowed. This is of course somewhat bad (in most cases) and you need to add a custom url-filter to limit the http requests to only *.facebook.com (and which other domains facebook are using). Now with PANOS 5.0 (as I understand it) it will work if you just allow facebook and nothing more (still using url filtering is healthy but if we stick to appid's for now 🙂 When facebook is allowed in PANOS 5.0 it will in the background allow web-browsing but only for x number of packets. This is of course way better than in PANOS 4.1 and older where you had to statically allow web-browsing for all future but still I think education of the admins configuring PA-devices will be needed. In this case it would be great if PA could provide us (the customers 🙂 with a dependency list along with the limit list (like if I allow facebook, how many web-browsing packets will be allowed) - because as I see this (currently) this might open up for a logical evasion techniques (the admin thinks only facebook is allowed but this custom botnet will still be able to phone home 2 packets per session or such).
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks