This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About swhyte
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About swhyte
09-17-2021
130Posts
29Likes
29Solutions
Sep 17, 2021Last Visited
User
Activity
User
Profile
Latest posts by swhyte
| Subject | Views | Posted |
|---|---|---|
| 2228 | 01-29-2013 05:00 PM | |
| 1267 | 01-23-2013 11:21 AM | |
| 2379 | 01-23-2013 10:35 AM | |
| 3788 | 01-16-2013 05:06 PM | |
| 2254 | 01-16-2013 05:05 PM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 07-04-2011 07:26 AM | |
| 1 Like | 11-16-2010 02:13 PM | |
| 1 Like | 11-17-2010 02:38 PM | |
| 1 Like | 08-10-2010 08:40 AM | |
| 1 Like | 07-19-2010 01:15 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 7 Likes |
User Badges
Community Statistics
| Member Since | 05-01-2009 11:30 AM |
| Date Last Visited | 09-17-2021 01:19 PM |
| Posts | 130 |
| Total Likes Received | 26 |
01-29-2013
05:00 PM
1 Kudo
The PA does not have an application signature for gmail web messenger, but it does have a signature for gmail-chat and gmail-video-chat. So depending on what the PA actually identifies the traffic as, is what you should add to your policy to be blocked.
... View more
01-23-2013
11:21 AM
1 Kudo
Hello, you can currently run custom reports for the specific domains by using the query builder under custom reports. However, I believe you are referring to administrators for the PA...for that you would need to pursue an enhancement request with your sales contact.
... View more
01-23-2013
10:35 AM
1 Kudo
hello, Is this still an issue for you? this would require a little additional investigation to see what is going on. Is the user able to connect to netconnect/global protect before the service crashes? If not, a simultaneous packet capture from the client and the PA device along with the collected logs from netconnect/global protect should reveal what is going on.
... View more
01-16-2013
05:05 PM
Currently it is possible to tunnel other applications through SSH by enabling port forwarding on SSH. This can be considered a security risk because a user could potentially circumvent the application based security policies on the Paloalto device. The Paloalto device is able to address this risk with the ssh proxy feature. Via a decryption policy, you can configure the PA to decrypt a ssh session and if the users does any ssh port forwarding, remote forwarding or X11, the session will be determined to be ssh tunnel. In turn action can be taken on the ssh tunnel application according to the security policies. It is important to note the following: 1. The same "man in the middle" method for SSL decryption is used for SSH proxy. 2. Also, currently the PA only supports SSH version 2.....(if the client only supports SSH version 1, when it receives the version string from the Paloalto device, it should exit). 3. Content and threat inspection is not done on the SSH Tunnel session.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
09-17-2021
01:19 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks