Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About jmayne
About jmayne
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
08-18-2015
15Posts
0Likes
0Solutions
Aug 18, 2015Last Visited
User
Activity
User
Profile
Latest posts by jmayne
| Subject | Views | Posted |
|---|---|---|
| 262 | 08-24-2013 08:09 AM | |
| 890 | 08-08-2013 01:22 PM | |
| 1011 | 08-08-2013 01:01 PM | |
| 926 | 07-26-2013 06:11 PM | |
| 926 | 07-26-2013 02:50 PM |
User Badges
Public Statistics
| Date Registered | 04-10-2013 10:33 AM |
| Date Last Visited | 08-18-2015 09:07 AM |
| Total Messages Posted | 15 |
08-24-2013
08:09 AM
I saw this line in an article about Dynamic Block Lists. "as our threat team identifies malware, they automatically take any URL or IP associated with that threat and will include it as part of the PAN-DB URL filtering database. " Does this mean that the PAN-DB contains all the IP's that the URL's resolve to? I would not think so since that one IP may have legitimate URL/URI's associated with it. Can someone clarify? Thanks, Jim
... View more
08-08-2013
01:22 PM
achitwadgi , Yes that was what I was looking for. I will second the feature request to display and remove entries that have been blocked either by a vulnerability or a zone protection rule. Thanks, Jim
... View more
08-08-2013
01:01 PM
Is there a way other than waiting for the timeout to expire to remove an ip from the list of blocked ip's once it is blocked by a rule with an action of block-ip? I hope that makes sense . Thanks, Jim
... View more
07-26-2013
02:50 PM
karthik, I will try the workaround and I appreciate it. How can I ask for a feature request? Does PA have a page for that on the support site? Thanks, Jim
... View more
07-26-2013
12:15 PM
Karthik, Thanks for the response. I think what I am struggling with is that if I create the new security rule that for instance looks at all traffic inbound from the untrusted to the trusted zone with a vulnerability profile set as you suggest then all the inbound traffic will follow the action of this rule (allow or deny) without regard to whether the traffic did or did not have the vulnerability and because of that the traffic will never fall through to the follow-up rule that checked for the other vulnerabilities. My understanding is that if the traffic matches (source, destination, application, service, user) then the traffic does not get processed by follow-up rules no matter what is or is not set in the security profiles.Is this incorrect? Thanks, Jim.
... View more
07-26-2013
06:47 AM
I am looking for a way to send an email alert when a specific vulnerability threat occurs but I am stumped. I can define the email in the log notification but I cannot figure out how to use it. In a security rule I cannot specify the specific vulnerability I want this log notification applied to and I cannot create a security rule that applies to just one vulnerability without evaluating all the other traffic that matches the traffic criteria as well. Can anyone suggest a way to send an email alert when a specific threat occurs either using the PS device or Panorama? Thanks, Jim
... View more
07-05-2013
05:44 AM
Great advise. Thanks!
... View more
07-03-2013
11:19 AM
Thanks. I will give that a try. Is it possible to request new signatures and if so how would I do that? Thanks, Jim
... View more
07-03-2013
09:46 AM
Does Palo Alto have a signature to detect the use of ssh on non-standard ports like 443? I did not see anything in the threat database. Thanks, Jim
... View more
06-25-2013
05:59 AM
Thanks. That's what I was looking for. I appreciate everyone's input. Jim
... View more
06-14-2013
07:55 AM
Vince, Thanks.I have read the Getting Started Guide but I am still confused. is it accurate that there is only one security policy or can you create, save and later apply different policies with distinct sets of rules? I was thinking that for instance on the Policies tab I could create and name multiple policies but it looks like the + button is the only add and it is to add rules not new overall policies. Again sorry if this is not making sense as it comes from a different perspective. thanks, Jim
... View more
06-14-2013
07:24 AM
I am coming from a Checkpoint environment and I am struggling with some of the terminology. I see a number of references in the Getting Started and the Administrator's guides to "Security Policies". To me this implies that I can create a number of policies but it looks like in fact there is only one policy per box and the policy has multiple rules. Am I missing something? Can you create, save and later apply different policies with distinct sets of rules? Thanks, Jim
... View more
06-11-2013
11:20 AM
Is there a way to block some vulnerabilities or spyware without logging them? For instance I would like to block all the Microsoft SQL Server Stack Overflow Vulnerability but I am tired of them skewing some of our charts and stats. it looks like I can alert (allow and log), block (drop and log), of allow (allow, no log) but nothing for block/no log. Am I missing something? Thanks, Jim
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
08-18-2015
09:07 AM
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
