Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About Tony_Kiser
About Tony_Kiser
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
03-25-2020
20Posts
2Likes
0Solutions
Mar 25, 2020Last Visited
User
Activity
User
Profile
Latest posts by Tony_Kiser
| Subject | Views | Posted |
|---|---|---|
| 393 | 11-07-2019 08:43 AM | |
| 843 | 11-06-2019 10:20 AM | |
| 1041 | 10-16-2019 07:19 AM | |
| 533 | 10-15-2019 02:29 PM | |
| 1088 | 10-14-2019 08:34 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 | 01-18-2019 08:22 AM | |
| 1 | 07-18-2018 08:22 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 | |||
| 1 | |||
| 3 | |||
| 2 |
User Badges
Public Statistics
| Date Registered | 07-21-2016 12:19 PM |
| Date Last Visited | 03-25-2020 06:13 PM |
| Total Messages Posted | 21 |
| Total Likes Received | 2 |
11-07-2019
08:43 AM
New with creating custom miners/prototypes/etc for pulling addresses. I'm trying to get an EDL consumable list from the below page for lookback.io. I assume the main part I'm missing is which prototype, processor, and output to choose, as well as the necessary regex to format it correctly. ANY help would be GREATLY appreciated.
https://dormammu.lookback.io/registry/hosts
... View more
11-06-2019
10:20 AM
Updated to the latest version and still the same problem! any help would be great!
... View more
10-16-2019
07:19 AM
I just updated, but was at 1.1.35. is that e-mail fwmigrate@paloaltonetworks dot com?
... View more
10-15-2019
02:29 PM
I have been doing similar work by doing a partial config import of the x-path you want to pull in.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClbLCAS
You can find the x-path in Expedition. After you remove unused objects, for example, and go to 'export' and api output manager tab. generate an atomic API request then you'll see the x-paths.
... View more
10-14-2019
08:34 AM
I am using Expedition to remove unused objects from firewalls via a partial config import. What I ran into is the tool removed an unknown number of objects that, while not used by a security policy, they are in fact used by a NAT policy! Because of this I was only able to import services, service groups, and address groups. Importing the new, "smaller" address list won't allow a commit because of the NAT policies that are pointing to objects that Expedition removed.
Has anyone else seen this, or have any info on why this is happening?
... View more
02-15-2019
09:46 AM
feeling a little stupid... but maybe just cause it's Friday... 🙂
isn't the expedition tool supposed to pop up a box when I log in telling me what IP address to use to access it via a browser? I'm not seeing that.
... View more
02-15-2019
08:43 AM
OK, actually figured that part out (just upgraded OS X and Fusion 8.5 too old . 🙂
now, do you have, off the top of your head, the CLI syntax to upgrade the image from the CLI?
... View more
02-15-2019
08:22 AM
Ya, that's the problem. I can't even log into the CLI to get it upgraded. I key the credentials, but nothing happens. it's odd.
... View more
02-15-2019
07:54 AM
I'm coming back around to doing some serious testing so we can start really using Expedition. Now, I downloaded the latest version, opened it in VMWare Fusion 8.5 and when I launch it, i get to this and can't even log into the CLI....
The cursor is actually blinking over the 'E'. Thought's on why I can't even log into the CLI right away?
... View more
01-18-2019
07:58 AM
That's actually part of the issue @LukeBullimore; our xml is so big, Expedition can't digest it. 🙂
... View more
01-16-2019
08:28 AM
Ya, the performance impact we see is things like changing context from one FW to another within Panorama, commits, etc. Not processing performance. The other "indirect" impact is that we currenlty can't pull the config into Expedition because of the size limite of the XML that Expedition can process. And yup, i've been at this company for about 2.5 years, and they are, overall, a shop converted from ASA side of the world 🙂
... View more
01-15-2019
10:05 AM
Historically, for a LONG time, we have created an object for every IP address and every port (for port based rules). Over the years, this has lead to our config being HUGE. Last tech support file from Panorama is 85MB. With thousands and thousands of objects, my opinion is that's contributing to the performance issues we see; the fact that all these objects get sent to the firewalls, and has to be updated everytime we do a push. So question is this; do others agee with this? Has anyone actually backed down the object list (like removing unused, and removing objects for single IP policies, and just put the IP in the rule itself only) and then seen a performance gain? It would be a substantial task, but possibly a useful one. Thoughts?
... View more
11-06-2018
09:39 AM
Hi Greg, how did you upgrade to 0.9.50 inside of Autofocus??
... View more
08-16-2018
01:46 PM
I'm simply trying to import an xml into a project that my account created and as soon as the % import basically finishes, I get a message that says "you do not have rights in the project" ?? Any assistance would be great!
... View more
07-18-2018
08:22 AM
1 Kudo
Dude... you are the man! lol
... View more
07-18-2018
08:05 AM
Thanks for that info. OK, on a broader question; is there any documentation yet on actually using Expedition specifically for app-ID adoption on a PA firewall? I remember doing this in a deep-dive lab at Ignite, but didn't save the lab document (bad me). I'm trying to pull it out of memory, but just can't remember the steps. I'm also not finding anything but the user guide, and the admin guide, which are less than helpful.
Anyone know of actual step by step help for this?
... View more
07-13-2018
08:53 AM
It is (well the HA pair) in its/their own device group. So I'd need to connect to Panaram and pull the whole panarama config, but just work on that device group?
I was wondering if Expedition "understood" device groups.
... View more
07-13-2018
08:40 AM
I'm wanting to do some policy work (app-id migraiton) on a firewalls that is basically 100% managed by Panorama. Don't want to mess with all others yet. How do I get the policy set that's managed in Panorama for just one firewall int Expedition?
... View more
02-23-2017
03:19 PM
Hi all, I'm wondering if any of you do your own validation testing of security patces for PAN-OS and vulnerabily signatures. Example being, do you confirm your edge is vulnerable to a specific CVE, and then after patching do you confirm it's no longer vulnerable, and if so (any version of this kind of thing) what tools or processes do you use to do this?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
03-25-2020
06:13 PM
|
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
