This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Fatema
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Fatema
09-19-2020
19Posts
0Likes
0Solutions
Sep 19, 2020Last Visited
User
Activity
User
Profile
Latest posts by Fatema
| Subject | Views | Posted |
|---|---|---|
| 2850 | 09-19-2020 11:34 AM | |
| 3245 | 09-15-2020 05:22 PM | |
| 3332 | 09-15-2020 04:33 PM | |
| 6249 | 08-29-2017 12:52 PM | |
| 6260 | 08-29-2017 11:31 AM | |
| 6439 | 08-29-2017 10:29 AM | |
| 6446 | 08-29-2017 10:02 AM | |
| 6969 | 08-29-2017 09:41 AM | |
| 1557 | 08-09-2017 06:49 AM | |
| 1584 | 08-03-2017 09:52 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 1 Like | |||
| 1 Like | |||
| 1 Like |
User Badges
Community Statistics
| Member Since | 04-13-2017 08:56 AM |
| Date Last Visited | 09-19-2020 02:55 PM |
| Posts | 19 |
09-19-2020
11:34 AM
Hi MP18 I have chrome Version 85.0.4183.83 (Official Build) (64-bit), and do not have any additional plugins installed. The panorama web interface sometimes load and sometimes don't. Most importantly, when I try to go to individual firewall's web UI through panorama, it just loads with a white screen. Also, I am using Firefox Version 63.0.3 (64-bit), and have disabled auto-updating for now. Thanks for testing it out. Appreciate it. -Fatema
... View more
09-15-2020
05:22 PM
Thanks Steve, looks like running an out of date browser would not be the best solution for the PA customers security wise, and PA should consider resolving these issues of panorama with latest versions of browsers. This seems like just a bandage and a temporary fix, and might not work for long term, as for the customers who have stringent policies against running out of date software could become a challenge for long run. Downgrading browsers for PA compatibility is risky, and sounds to me like PA needs some catch up to be done with latest and greatest technology in the market. Anycase thanks for the pointers we will look into upgrading to at least 9.0.4 or above. Fatema
... View more
09-15-2020
04:33 PM
Hi All, I have been struggling with this issue for few months now. The panorama VM site just doesn't load on my system, using firefox browser. It shows blank white page and after few refreshes of the page (and praying - please load this time), it finally loads but way too slow to be functional. I have tried changing browsers, as many suggested, but same thing on chrome. Some suspect that my network connection is the problem, but when I do internet speed test, it shows 13Mbps as download and ~2Mbps as upload speed with 21ms latency which is fare enough. Any help with what else could I try would be appreciated. Or if anyone encountered similar issues and willing to share insights. Panorama version: 9.0.1 Thanks, Fatema
... View more
08-29-2017
12:52 PM
Ah finally got it working, by referning to this doc: https://live.paloaltonetworks.com/t5/Configuration-Articles/Palo-Alto-Networks-Firewall-not-Forwarding-Logs-to-Panorama-VM/ta-p/59799 Not sure what made it work, but was trying the steps 1-6 multiple time, w/o any change in the console output of 'show logging-status', but when I took a look at the Panorama, the logs were getting displayed for that device fw. (Not sure why the status commands still show nothing on the console though. hmm) Thanks for all the help! 🙂 Fatema.
... View more
08-29-2017
10:29 AM
Thanks for the comments. Here are the answers: 1. Yes the Panorama and the device are running same PANOS version (8.0.4) 2. We do not have entries for Managed Collectors or the Collector Group, but we have configured the log forwarding to Panorama by adding a Log forwarding Profile in Objects > Log Forwarding, and have the 'Shared' check-box cecked, to apply the log Frwding settings to all managed devices. We have the traffic logs from other devices logged to Panorama, it's just this current new fw device that is not logging to Panorama...
... View more
08-29-2017
10:02 AM
Yes, I can see the device fw 5220 in the "Managed Devices" tab of Panorama, with all the columns displaying correct information.
... View more
08-29-2017
09:41 AM
Hi PA Experts! Another issue I stumped upon yesterday 😞 We replaced one of our PA firewall 5050 to PA 5220 couple of days ago, and when I am trying to find the traffic logs corresponding to that PA 5220 device on Panorama, it shows nothing. I duoble checked the configuration on Panorama and the device PA to see everything is setup correctly for forwarding logs. Also, the device is setup to send the threat logs to a log aggregation system, and we see the syslogs successfully getting logged to the aggregator. Hence the device fw is able to send the syslogs to another system, but Panorama. Some more specifics: The device PA 5220 is running s/w version: 8.0.4 The Panorama is a VM and running: 8.0.4 Ran 'show logging-status device <device-ID>' on Panorama, outputs nothing 😞 Ran 'show logging-status' on the device PA, shows isn't forwarding. Is there any tweaks that need to be done additionally for the device PA to send the logs to Panorama? Any help appreciated 🙂 Thanks, Fatema.
... View more
08-09-2017
06:49 AM
Thanks! for providing some valuable thoughts.. 🙂 Currently we do not have explicit mentioned URLs that we would want to block, we just rely on PA's URL filtering and blocking connections to certain category of traffic, like malware, Unknown etc. Was just thinking on lines of, if we can block incoming then why not outgoing, and hence asked if someone explicitly definied some policies in PA for any use-cases. Another thing I was thinking about is it will also help prevent the reverse shells after successful exploitation of client machines, and revent them to connect to any internet machine on weird ports. Thanks for the info, and I will try to work through it 🙂
... View more
08-03-2017
09:52 AM
Hi All, We were planning to implement some egress rules to protect any king of large uploads/data exfil activities from inside network. And when thinking through it, the first though came to my mind is to block all outgoing connections, except web-servers and some legit services like ssh etc. But then thought, that it might get lot of pushback and complaints from the clients, as they might be using any cloud services for data back-ups of their systems, and hence the new policy would not allow them to back up to the internet, and hence I realized that the policy would need a LOT of exceptions. Therefore, can't think of an efficient way to implement a stricter egress firewall policy, and turned to the awesome PA community for any thoughts to pitch in 🙂 Anyone, implementing something similar, that they would like to share? PS: I know about Aperture and other integrationional plugins PA provides, but we are not there yet to use them. Appreciate the help! Fatema.
... View more
07-17-2017
11:34 AM
Hey Guys, Just trying to find out if someone knows, what PA policy is regarding packects with bad checksum? Will they be allowed through the PA, or PA silently drops those packets or sends back a reset to the source? Any help appreciated. Thanks, Fatema.
... View more
04-14-2017
10:01 AM
Alrighty, PA should document it somewhere those corner cases, as it becomes difficult for new bees, like me to understand the default PA behavior (or it can be just common sense, that I could be missing 🙂 ) Thank you TraceforLife and Brad for quick responses and explanations. Appreciate it!
... View more
04-14-2017
04:42 AM
Hmm, now I am confused.. So what should PA do when it sees a DNS reflection attck? i.e thousands of DNS replies to an IP behind PA, for which PA never saw any DNS requests originated from that IP behind PA, will it classify that traffic as unknown-udp and allows it to hit the poor IP behind PA, or will PA drops it thinking "I never saw DNS requests from that IP and hence I am going to drop these bunch of DNS replies to that IP"? I am going to assume, what Brad had mentioned, that PA is going to "silently drop" those DNS replies, as they will not match any current seesions in PA. Thanks!
... View more
04-13-2017
02:10 PM
Hmm, thanks for the link to the article. Yeah, I got a little confused between un-matched udp traffic and "unknown-udp", hence wanted to know what happens when PA sees incoming traffic that is not matched with any sessions currently in PA. So in a nutshell, PA would just drop the traffic silently, as you mentioned earlier. I will look into unknown-udp/tcp App-IDs in more detail to know about them 🙂 Thanks.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
09-19-2020
02:55 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks