This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About gchandrasekaran
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About gchandrasekaran
10-01-2020
24Posts
9Likes
5Solutions
Oct 01, 2020Last Visited
User
Activity
User
Profile
Latest posts by gchandrasekaran
| Subject | Views | Posted |
|---|---|---|
| 5483 | 10-14-2014 04:20 AM | |
| 4507 | 10-03-2014 03:52 AM | |
| 4507 | 10-02-2014 03:57 AM | |
| 3403 | 10-02-2014 03:33 AM | |
| 2438 | 09-26-2014 09:16 PM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 09-19-2013 12:37 PM | |
| 1 Like | 09-19-2014 02:17 AM | |
| 1 Like | 10-02-2014 03:57 AM | |
| 1 Like | 10-03-2014 03:52 AM | |
| 1 Like | 09-26-2014 08:01 PM |
User Badges
Community Statistics
| Member Since | 01-11-2012 01:31 PM |
| Date Last Visited | 10-01-2020 06:26 PM |
| Posts | 24 |
| Total Likes Received | 5 |
10-14-2014
04:20 AM
Hello, Are you looking to use the certificate for SSL decryption? is the CA checkbox checked or unchecked (if unchecked, you wouldn't be able to check Forward Trust Certificate option) Usually the certificates signed by third party public CAs are not CA certificates. If the certificate is to be used for SSL decryption, then you can either use a self-signed certificate generated on the PA firewall or a subordinate CA. Please refer PAN SSL Certificates Thank you
... View more
10-03-2014
03:52 AM
1 Kudo
Hi Simon, As of now, the options to view the default action is by checking "Show all signatures" in the Exceptions tab. You can also use the following CLI commands to view all the threats and their associated default action. > configure # show predefined threats ---> displays all the threats. Use forward slash followed by the threat ID to search for a specific threat ID (/36729) # show predefined threats vulnerability <threatID> You may find https://threatvault.paloaltonetworks.com/ to also be helpful as it provides more information Click the magnifying icon to view the default action. You can contact SE to place any feature requests. Hope this helps. Thanks
... View more
10-02-2014
03:57 AM
1 Kudo
Hi Simon, You are right and that is the expected behavior. When you create a rule and choose the action for that rule to "block" for the severities "critical and high" and have chosen "Any" in the CVE and Vendor-ID column, then any CVE (even CVE whose default action is alert) will be blocked. The vulnerabilities rules and the corresponding action in that rule (for any CVE/Vendor-ID OR for specified CVE/Vendor-ID) take precedence over the default threat ID actions. Again, the rule must be matched correctly for the corresponding action to take place. You can change the default action for threat IDs. Click the "Exceptions" tab and then click "Show all signatures". Enter the threat ID in the search bar and click on the action to see the dropdown. Now choose the required action and ensure to check the "Enable" box. Thanks
... View more
10-02-2014
03:33 AM
Hi Vesna, Could you let us know for which feature of PAN-OS would you like to know whether SHA-1 is supported or not? It could be for SSL/TLS decryption, IPSec VPN, PAN-OS certificates, etc. If it for IPSec, kindly refer the document IPSEC Crypto Options Thank you
... View more
09-26-2014
09:16 PM
Hi Warner, PA does not automatically block these threats. The default action for CVE-2014-6271 and CVE-2014-7169 is "alert" with the severity critical. To block these threats, follow the steps given below (Please ensure that you have the latest content version installed. As of now, 458-2380 is the latest version. Once 458 version is installed, log out of the WebUI and log back in) 1. Go to Objects > Security Profiles > Vulnerability Protection. 2. Click Add and enter a name 3. Click the "Exceptions" tab 4. Enter the required Threat ID (36729 or 36730. Entre one threat ID at a time) 5. Check "Show all signatures" at the bottom 6. Click on "default (alert)" under the Action column 7. From the drop-down, choose the action to "drop" and click OK 8. IMPORTANT: Check the"Enable" box for the corresponding threat ID and Click OK 9. Use this Vulnerability Protection profile in the required security policy and commit the changes. Refer the document How To Block Shellshock - CVE-2014-6271 and CVE-2014-7169 Thanks
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks