About bvandivier

In the interest of full discosure and as an employee of Palo Alto Networks I cannot endorse any specific third party product(s).  I do have experience using multiple open source and proprietary tools but will defer to others to comment on which specific tools they recommend or prefer. ... View more

iPerf, Ostinato, Hping, and many others are available as open source traffic generators. ... View more

Hello Jim, I believe the following documentation should address your concerns.   https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/external-dynamic-list.html https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/use-an-external-dynamic-list-in-policy   Note that EDLs support three types: IP Address, URL, and Domain   I believe in your situation you would want to use a URL type EDL in a security policy rule.  Otherwise, a second option would be to create an address object group which contains multiple FQDN address objects. ... View more

Hello Steve, I'm sorry to hear about the issues you've been having.  Please open a case with our support team.  We can then report these issues to our URL Filtering Team internally and work with them to address your concerns.     ... View more

Hello, t his forum exists as a place to submit verdict review requests for False Positive verdicts for Palo Alto Networks (Known Signatures) seen on VirusTotal.  I recommend posting your question within the General forum (Live > Discussions > General Topics) which can be accessed via the following link.   https://live.paloaltonetworks.com/t5/General-Topics/bd-p/members_discuss           ... View more

We have not blacklisted cts.vresp.com.   URL cts.vresp.com Category Business and Economy Description Marketing, management, economics, and sites relating to entrepreneurship or running a business. Example Sites www.bothsidesofthetable.com/ , www.ogilvy.com , www.geisheker.com/ , www.imageworksstudio.com/ , www.linearcreative.com/ Additional comments Includes advertising and marketing firms. Should not include corporate websites as they should be categorized with their technology. Also shipping sites, such as fedex.com and ups.com.   I suggest opening a support case with our TAC for deeper analysis of your issue.   Kind regards. ... View more

Wildfire can perform e-mail link following for analysis purposes if the firewall is configured to detect e-mail links within SMTP sessions.  If there was an e-mail campaign and Wildfire picked up the links within these e-mails for analysis it may have followed those links (clicked them) thereby resulting in unsubscription.  Without additional data I am only speculating at this point. ... View more

You can test URL categorization at the following site/link:   https://urlfiltering.paloaltonetworks.com/ ... View more

This is possible if your firewall is performing Wildfire inspection of email links.     https://live.paloaltonetworks.com/t5/Threat-Vulnerability-Articles/How-does-WildFire-handle-links-within-emails/ta-p/72628   If the Wildfire Cloud receives e-mail links for analysis it will reach out and attempt to analyze the link and the content presented by cicking that link. ... View more

Note that the Threat Vault entries are not current meaning the associated Threat IDs have been retired.   Name: Virus/Win32.WGeneric.pgmrm Unique Threat ID: 193628526 Create Time: 2018-01-14 03:34:36 (UTC) Threat ID: n/a <======= Current Release: n/a <======= First Release: 2493 (2018-01-15 UTC) Name: Virus/Win32.WGeneric.pgmrm Unique Threat ID: 193628526 Create Time: 2018-01-14 03:34:36 (UTC) Threat ID: n/a <======= Current Release: n/a <======= First Release: 209295 (2018-01-14 UTC) ... View more