Security Policy in VM-Series - Container and DAGs

In AWS environment we have containers that do the job and then terminate. How is is possible to do a security policy on containers? DAG is not detecting the IP Address used by container to egress out to internet.

Secondly, how a single IP Address can

Dynamic Updates and Device Registration Failing in GCP. HELP!!!

Ok Gurus,  I got a need for some help and visibility on this one... please... 

My FWs are virtualized within a open source (KVM) environment, that was placed into GCP back in June 2019.

Somewhere along this week, when I first noticed that I am not ge

DMZ setup on Transit VPC (AWS)

I'm just wondering if anyone setup a DMZ on Transit firewalls in Transit VPC on AWS? Basically we need to have outbound to inbound NAT rule with a elastic ip address. Came across this link but not sure if this is the proper way of doing it. We would

Trial AWS VM not logging any statistics....

I'm running a trial of the AWS PA-VM product, and am not getting any statistics logged:

Logging statistics
------------------------------ -----------
Log incoming rate: 0/sec
Log written rate: 0/sec
Corrupted packets: 0
Corrupted URL packets: 0
Corrupted H

DPDK mode in AWS

I see that we have SR-IOV and DPDK modes supported for Palo Alto in AWS and understand that DPDK is proffered mode which provides fast processing, so are there any specific situation where SR-IOV mode is preferred over DPDK?

BGP issue between On-pre PA and Azure via a site to site VPN

I am trying to setup Azue site to site VPN with BGP. IPsec tunnel came up successfully and I can ping from PA BGP Peer IP to Azure BGP peer IP. However, BGP session can not be established. It gets stuck in connect state. I have been reseraching Azure

Azure Application for HA

Hi all,

We are looking to set up a HA pair of 9.0 PAs in Azure as per guide below

https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/set-up-the-vm-series-firewall-on-azure/configure-activepassive-ha-for-vm-series-firewall-on-azure.h

Internet reachability

Hi ,

Due my self training on Palo Alto VM , I have face some issue where I'm not able to ping internet , but able to ping next host on same subset ( my pc ).

Network connective :

VMnet1: inside interface

VMnet2 : DMZ interface

Bridged : outside interface

V

No metrics in cloudwatch

Hello,

I followed this guide https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/deploy-the-vm-series-firewall-on-aws/enable-cloudwatch-monitoring-on-the-vm-series-firewall.html

for enabling the vm-

Traffic logs missing on Palo Alto- Azure VM(PAN OS 8.1.9)

Today we had an issue when we could not login to our Palo Alto. Reboot from Azure portal fixed the issue. When logged back to Palo and checked traffic logs, found that traffic logs are missing before the VM was rebooted for almost 24 hours. There is

PA with ELB and ILB in Azure

We have the below setup:

internet->ELB(public ip)->VM Series(2)-> ILB->Web Servers

Where the 2 VM series Firewall in backend pool of both ELB and ILB, the issue here is the Health probe IP for both ELB and ILB is 168.63.129.16 so health probes always