About Ebernardo

We are using Server 2012r2 RDS gateway and have the PA configured to with a security policy to allow the untrusted traffic (ssl, rds, http)  that is NATed to the internal rds gateway.   We are seeing a lot of failed audits in the logs on the terminal server.  What is the best way to prevent brute force attacks for logins to Active Directory? ... View more

Here's my situation.  We recently went live with a hosted VOIP system (CallTower hosted Cisco UC). We are relocating our office in a few months so we decided not to put in a dedicated circuit for voice and instead use our 20 meg DIA connection.  We have a PA-200, my guess is about 20 to 30 users max using the internet concurrently and same with phones.  We have a Cisco ASA 5505 that is bypassing the PA-200 and making a direct VPN connection to CallTower and carrying the voice traffic.  Since the PA-200 is not directly connected to the ASA - I don't think I can take advantage of the QOS policies for the VOIP traffic; however, I would like to put a limit on the amount of bandwidth used for Internet browsing/uploads and downloads, so that our bandwidth doesn't get maxed out if someone decides to download a large file and compromise the VOIP quality.    Is there an easy way to use the QOS profile/policy to limit internet traffic (ingress/egress) for an IP address range so we can preserve enough bandwidth for the ASA to use to carry the VOIP traffic?    Thanks for any advice.      ... View more

I am a newbie to the Pan-OS and would like to fine tune the Zone Protection profile - Syn flood settings, etc. based on our average peak traffic (packets per second). What is the easiest way to determine the average peak packets per second? ... View more