Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- 5G
- IoT Security
- Prisma SD-WAN
Network Security
- Prisma Access
- Prisma SaaS
- Prisma Cloud
- CN-Series
- VM-Series:
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
Security Operations
- Resources
- COVID-19 Response Center
- LIVEcommunity
- ›
- About swhyte
About swhyte
Announcements
Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
a week ago
125Posts
26Likes
29Solutions
Apr 01, 2021Last Visited
User
Activity
User
Profile
Latest posts by swhyte
| Subject | Views | Posted |
|---|---|---|
| 1018 | 01-29-2013 05:00 PM | |
| 424 | 01-23-2013 11:21 AM | |
| 1380 | 01-23-2013 10:35 AM | |
| 1963 | 01-16-2013 05:06 PM | |
| 934 | 01-16-2013 05:05 PM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 | 08-10-2010 08:40 AM | |
| 1 | 07-19-2010 01:15 PM | |
| 1 | 04-20-2010 01:44 PM | |
| 1 | 03-25-2010 03:27 PM | |
| 1 | 03-15-2010 02:19 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 7 |
User Badges
Public Statistics
| Date Registered | 05-01-2009 11:30 AM |
| Date Last Visited | a week ago |
| Total Messages Posted | 130 |
| Total Likes Received | 26 |
01-29-2013
05:00 PM
1 Kudo
The PA does not have an application signature for gmail web messenger, but it does have a signature for gmail-chat and gmail-video-chat. So depending on what the PA actually identifies the traffic as, is what you should add to your policy to be blocked.
... View more
01-23-2013
11:21 AM
1 Kudo
Hello, you can currently run custom reports for the specific domains by using the query builder under custom reports. However, I believe you are referring to administrators for the PA...for that you would need to pursue an enhancement request with your sales contact.
... View more
01-23-2013
10:35 AM
1 Kudo
hello, Is this still an issue for you? this would require a little additional investigation to see what is going on. Is the user able to connect to netconnect/global protect before the service crashes? If not, a simultaneous packet capture from the client and the PA device along with the collected logs from netconnect/global protect should reveal what is going on.
... View more
01-16-2013
05:05 PM
Currently it is possible to tunnel other applications through SSH by enabling port forwarding on SSH. This can be considered a security risk because a user could potentially circumvent the application based security policies on the Paloalto device. The Paloalto device is able to address this risk with the ssh proxy feature. Via a decryption policy, you can configure the PA to decrypt a ssh session and if the users does any ssh port forwarding, remote forwarding or X11, the session will be determined to be ssh tunnel. In turn action can be taken on the ssh tunnel application according to the security policies. It is important to note the following: 1. The same "man in the middle" method for SSL decryption is used for SSH proxy. 2. Also, currently the PA only supports SSH version 2.....(if the client only supports SSH version 1, when it receives the version string from the Paloalto device, it should exit). 3. Content and threat inspection is not done on the SSH Tunnel session.
... View more
10-24-2012
09:15 AM
1 Kudo
Hi Scud, not sure if you already got a response on this, but I tried replicating this exact scenario using 4.1.8 panorama and 4.0.13 device. I was not successful in replicating this....creating the zone and adding the option to enable user identification went fine via the context of Panorama. You may have encountered a bug that has since been resolved. You may want to upgrade Panorama to 4.1.7 or 4.1.8 and retest. If you are still having this issue then feel free to call in to support so we can take a deeper look. Perhaps there are other details necessary to properly replicate this. Stephen
... View more
06-05-2012
09:17 AM
Fyi, This happening under conditions when there was some query going on and the key file is being written simultaneously and thus changing/corrupting the the ssh key. The permanent fix for this will be in 4.0.12 which is targeted to be available the week of 6-11-2012.
... View more
07-04-2011
07:26 AM
1 Kudo
Hi Sam, the 2000 series Pan is definitely suitable for 4.0.3. The commit times are indeed slower than the higher models due to cpu...but remember that is only for management. If the commit times are taking more than 10 mins then please get techsupport and report this to PA support. Otherwise the development team at Paloalto is aware of the slower commit times and are always working to improve them....so you will see the commit times improve with future releases. thank you, Stephen
... View more
07-04-2011
07:21 AM
1 Kudo
Hello Neil, if you can get a packet capture of this traffic, then you can open a case with support and they can refer this to the content team to verify if this is indeed a false positive. thanks, Stephen
... View more
07-04-2011
06:47 AM
The PA may have detected a threat or a file type that you are blocking or QOS may be throttling the session (that is if you have QOS configured). To aid in isolating you can create a policy for these sessions and not add a profile to the policy. If the downloads are still stopping, you can call in to support to aid in troubleshooting this. thanks, Stephen
... View more
11-22-2010
02:50 PM
If you must keep the public addresses on the Forefront and absolutely NO NAT. Then what about setting up a virtual wire pair on the paloalto device and plugging the forefront into the trust side of it...You can plug the untrust side of the virutal wire pair into what ever switch you currently have the forefront plugged in to. thanks, Stephen
... View more
11-17-2010
02:38 PM
1 Kudo
Hello, the paloalto device will log traffic as long as the traffic matches a policy and that policy is configured to log at session end and/or log as session start. So the only way to avoid the double logging would be to turn off logging at session end and start on the vwire policies.....not sure if you would want to do that though. Stephen
... View more
11-17-2010
02:20 PM
Hello, your sales contact would be the best resource for tracking on a feature request that you submitted. But regarding this feature, it will be in our NICE release which is scheduled to be available by the beginning of 2011. thanks, Stephen
... View more
11-16-2010
02:13 PM
1 Kudo
Hello Jambulo, the only way to do this is to create another vulnerability profile, add the desired exception, then create another policy that details your desired granularity (source ip, destination ip, etc..) and add that new vulnerability profile to it. thanks, Stephen
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
a week ago
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2021 - Palo Alto Networks
