Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About GCSS-RT
About GCSS-RT
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
a week ago
15Posts
1Like
0Solutions
May 15, 2020Last Visited
User
Activity
User
Profile
Latest posts by GCSS-RT
| Subject | Views | Posted |
|---|---|---|
| 402 | 05-17-2019 11:46 AM | |
| 409 | 05-17-2019 10:21 AM | |
| 422 | 05-17-2019 05:05 AM | |
| 609 | 05-09-2019 12:24 PM | |
| 618 | 05-09-2019 12:09 PM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 | 02-21-2019 09:58 AM |
User Badges
Public Statistics
| Date Registered | 01-09-2018 08:10 AM |
| Date Last Visited | a week ago |
| Total Messages Posted | 15 |
| Total Likes Received | 1 |
05-17-2019
11:46 AM
Oh, got it. I didn't realize that setting could determine where log entries would show up. I learned something new today! I appreciate that.
... View more
05-17-2019
10:21 AM
Is this the only way? We can't make it alert to the Threat or URL Filtering log as the categories do?
... View more
05-17-2019
05:05 AM
Good morning! I'm trying to figure out if it's possible to throw an "alert" log entry when a specific application is accessed. I know it can be done with categories, but I'd like to do the same with specific applications. I can always filter my Traffic Monitor for that application, but sometimes it's much more convenient to set the "alert" status to "on" to monitor before denying access to an application to get a better understanding of who's accessing it and why. Any advice?
... View more
05-09-2019
12:24 PM
Well, not really. I use appID, but was trying to use IP groups to be sure I was catching all the devices while we work on getting userID identifying users correctly. There are multiple things keeping userID from working correctly. Some of those things are network related. So, I'm only using the IP groups temporarily while we get userID working. How are your zones configured? Do you have a zone that covers each network segment or something?
... View more
05-09-2019
12:09 PM
I guess I should have used different terminology. I have IP address groups configured for each of my locations that correspond to the IP subnets of each of my buildings. Some IP addresses (end-user devices) do not get the policies applied that are assigned to their respective IP group on the PAN while others do. For instance, one IP will get a policy applied that blocks an application while another IP in that same group will "skip" that policy and get the default policy that resides at the very bottom of my policy list. Does that help?
... View more
05-09-2019
11:49 AM
Hello everyone! Let me preface this discussion questionb by acknowleding that I've inherited a PAN configuration that I know has issues. With that said, I'm noticing that some devices do not get the correct policies applied when others that are in the same groups do. I'm going to ask a question that may be WAY too generic. If it is, please tell me so and I will get on a support call. I've just had much better response times and better luck with everyone here. The question is do you guys think the reason some devices get different policies has anything at all to do with the way our network is configured or does this have to be a PAN configuration issue?
... View more
03-21-2019
06:31 AM
Hello all, I've read multiple documents from PA and read some on the forums here, but cannot find anything definitive on this. What I'm trying to find out is what is the best practice/most effective way to configure a Security Policy for filtering. I understand there are several ways to do this, but I've found that the way I've been doing it doesn't always seem to work the best. Are there any issues with the following config? Create a Security Policy and set the Action to Allow. Set a URL Filtering Profile. Create a Custom URL Category for Allowed URLs. Create a Custom URL Category for Denied URLs. Apply these Custom URL Categories inside the URL Filtering Profile. Set other categories to Deny within the URL Filtering Profile. If I were to set the Action for a Security Policy to Deny, does that Deny all traffic that matches? Any advice will be very helpful. Thanks.
... View more
02-26-2019
06:44 AM
Here's the CLI output for this security policy. Let me know what else I can supply that might help. set rulebase security rules "EES Network" from trust set rulebase security rules "EES Network" to untrust set rulebase security rules "EES Network" source Network_EES set rulebase security rules "EES Network" destination any set rulebase security rules "EES Network" service any set rulebase security rules "EES Network" application any set rulebase security rules "EES Network" action allow set rulebase security rules "EES Network" log-end yes set rulebase security rules "EES Network" source-user any set rulebase security rules "EES Network" category any set rulebase security rules "EES Network" hip-profiles any set rulebase security rules "EES Network" disabled no set rulebase security rules "EES Network" log-start yes set rulebase security rules "EES Network" profile-setting profiles url-filtering EESNetwork-Filtering-Profile set rulebase security rules "EES Network" profile-setting profiles virus ANTIVIRUS set rulebase security rules "EES Network" profile-setting profiles spyware SPYWARE set rulebase security rules "EES Network" profile-setting profiles vulnerability VULNERABILITY
... View more
02-26-2019
04:49 AM
I think I'm following what you guys are saying. The only settings I have in the policy are as follows: Source Tab: trust source zone IP range as source address Destination Tab: untrust destination zone Actions Tab: Allow action appropriate profiles applied under the Profile Settings section everything else is set to "any" or the default setting. Does this info help?
... View more
02-25-2019
12:33 PM
Hello everyone, I'm hoping someone can help me understand why a security policy is not applying the way I thought it should. Here's what I have: I have each of our schools configured on different DHCP scopes. I then created an Address Object using slash notation for each of those DHCP scopes on the PAN. I then created a security policy per address object (per school building) and added the slash-notated address object as the source address. The question I have is this...shouldn't this security policy apply to EVERY device that grabs an IP address from within the slash-notated network I created and designated as the source address in the security policy no matter if there is a username associated to the device or not?
... View more
02-21-2019
09:58 AM
1 Kudo
Got it. I'll check to verify the differences and move on from there. I appreciate the help.
... View more
02-21-2019
09:53 AM
Understood. I do allow web-browsing and ssl already. I was just wondering since the warnings come up when I commit if I don't add those dependencies to that allow rule. I assume I can just ignore those warnings?
... View more
02-21-2019
09:48 AM
Perfect! Thank you. So, if the dependencies are "web-browsing" and "ssl" and I allow those in that policy...those allowances will not affect other policies already in place, right?
... View more
02-21-2019
09:44 AM
Hello everyone, I searched this topic before posting and couldn't find an exact answer so I'm asking the question here. I have blocked a specific category that includes multiple appplications. I now need to allow one of those applications, but keep the category blocked as it is. Do I just create a new policy just about the blocked category policy and allow the application? If so, do I also need to allow the dependencies it warns me about? Thank you for any advice that you can share.
... View more
- Tags:
- blocked category
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
