Requirements to alert an threat

Hello,

is there any possibility to get any information about the requirements for detecting an specific threat.

e.g. there is Signature ID : 13457 EBURY, what is this signature looking for ?

Do I have to decrypt anything on the PA to give a deeper look

PAN GlobalProtect 2.0.3 doesn't work

So, I activated GlobalProtect 2.0.3 yesterday and have found that it fails to connect. The user will click "Connect" and the globe will spin for about 30 seconds then it closes itself and reopen on the taskbar(icon disappears and reappears). I am cur

HA-HA group mappings not passing to secondary PANOS 6.03

Hello,

I have group mappings present on the Primary Firewall, not passing to the secondary Firewall.  Specifically for a new gorup created today.  I have tried the various debug refresh commands on both boxes to attempt the get the seocndary box to pu

web crawling for google only

I know this topic has been discussed before but there is never a clear answer. It seems it is not possible to allow only specific web crawlers such as google. If that's the case, I assume most of you have web-crawling enabled for your site only? Goog

vcom-tunnel

Hi!

  We have a problem on the equipment pa-5020.
when we look at the log traffic, the session ends with incomplete response
Then I looked in and saw the following wireshark log.
SYN      -              VCOM-tunnel Seq = 0 win = 8192 len = 0 mss = 14

Traffic from one zone to another

Hello.

We have two virtual wires called 'eduroam' and 'live'. There are two zones linked to eduroam, namely 'eduroam_tr' and 'eduroam_untr'. There are also two zones linked to 'live', called 'live_tr' and 'live_untr'. We would like to allow communica

There are drop counters when performance test

Hello,

I am doing performance test with Breaking Point about throughput , CPS.

While testing, I have found drop counters as below.

session_dup_pkt_drop                     701        3 drop      session   resource  Duplicate packet: Applies only for mul

Can I use SSL SYSLOG to ArcSight Logger?

Hi,

I can see the PANW SYSLOG server profile transport SSL on 6514 and I am just trying to work out if this can be received by Logger?

Thanks for looking.

Cheers

Richard

Moving/importing logs after HD failure

Hi.

Recently, owing to an unplanned abrupt shutdown of my active firewall, I ended up with a hard drive corruption which prevented it from booting up (thank $deity for HA pairs).

Quite apart from PA's *ridiculously* bad response time to replace the har

Layer 2 vs. Layer 3 Deployment

Hi!

At the moment, I hover between a Layer 2 and Layer 3 Deployment of my PA.

My setup is:

                                                            |     |     |    |

Internet <-> IPSEC-router <-> DMZ <-> internal firewall

Dynamic Roles vs. Role-based Panorama

Hi everyone

So I was just wondering if anyone else has noticed a discrepancy between role-based and dynamic roles on their Panorama. I notice that "botnet" and "session browser" are not drop downs for my role-based admin role. That is fine since https