PA identifying traffic from AKAMAI as BruteForce.

Hi guys,

Context: For the past 24 hours we've had constant reports of a Brute force attack on our servers originating from the Akamai CDN's.

I'm unsure whether this is simply a false positive, or if there something to actually worry about.

I've

Panorama not generating summary logs

Hi,

I have an unlicensed Panorama (for the sake of testing) to aggregate logs from the Palo Alto. I've set up log forwarding on the firewall, Panorama is receiving logs and detailed traffic is showing up properly, but there are no summary logs genera

CVE-2004-2761 and CVE-2008-5161 vulnerability applicable to PAN 7.0.3

Hi all,

Hope everyone doing great.

I have a Palo alto firewall running in 7.0.3 version. Recently there was an audit happened and submitted some vulnerabilities found in our firewall. I am very curious to know that whether captioned vulnerability

How to stop malware called XcodeGhost?

Hi Guys,

One of our firewalls is setup to scan this traffic will full threat prevention but it seems to not be picking up the XCodeGhost.

Any suggestions?

Thank you,

Mykhaylo

HA pair on different os version

I have a HA pair (active/passive) that I want to upgrade from 6.1.11 to a stable version of 7.  I also am using global protect with certs. According to some information I gathered from the community if I upgrade to what I was told was the current mos

Where to apply Anti-Spyware Profiles

I've looked around in various places and can't seem to find a definitive answer on this. In regards to anti-spyware profiles, is there any need to apply these to security policies with a source of the outside Internet zone bound for your inside netwo

IPsec Phase 2 Lifesize Coutdown

On an Phase 2 IPsec SA with a non-zero lifesize, I see the proposed initial lifesize in the "show vpn ipsec-sa" output,

crclark@<redacted>-pa5050b(active)> show vpn ipsec-sa tunnel <redacted>-cisco-gw

GwID/client IP  TnID Peer-Address           Tunnel(

Identifying Applications

Hi guys,

Got an odd one here. Traffic is being identified as a completely different application to what the traffic actually is. For example, see below.

I've cleared the dataplane cache and re-downloaded the DB categorisation as per the document

Multiple PA-200 Firewall's lock up and require a reboot in order to function.

I have 24 PA-200 firewalls.  They are running on PanOS 6.1.3.  At random times the firewall will lock up and requires the device to be power cycled to restore connectivity.  I have called Palo Alto support and them connect to one of the devices that