How to go to "advanced items" in the old and new Prisma SD-WAN portal

How to go to "advanced items" in the old and new Prisma SD-WAN portal.

PA440 management interface doesn't take configuration

I used to think I knew how to do this stuff, but apparently not.  This is an out of the box configuration of a PA440 -

I set the firewall to configure system in standard mode and use static addressing.

Initial config

set deviceconfig system ip-address

HA Pair setting is active-active and session-owner is primary-device : why logs on active-secondary fw ?

Dear Gurus,

I've the following setup in a production environment :

• HA Pair setting: active-active (vWire)
• tla-zone-fw01:
  • HA3 session-owner = primary-device via local configuration (not template)
  • Device priority 50 = active-primary
• tla-zone-fw02:
  • HA3 ses

WildFire Appliance Config Status Out of Sync

Hi,

We are currently facing a issue with our WildFire Appliance, and we seek your assistance in resolving it. The config status at the WildFire Appliance is out of sync, with detail this " '/config/device/entry[localhost.localdomain]/deviceconfig/s

URLs visited

We use Palo Alto firewalls PA3020.  How can I generate a report that shows how many times a URL has been visited?  Also, can we see who visited the URL?  Thanks!

CVE Description clarification

I'm looking at CVE-2023-6795 and in the description I see "enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall"

This means that all admin included the reado

XSOAR Access denied

Hello

We have a user with the same permissions that the other users in XSOAR and in CSP who cannot log in XSOAR.

It keeps giving an error:

Unauthorized 401403.

Has anyone seen this?

Regards

How do I uninstall Cortex XDR from Windows devices using a GPO

Good day,

We are transitioning off Cortex XDR and need to do a mass uninstall for 200+ devices on our network.

Right now our only solution is to do so manually, one by one, using the cytool protect disable function etc.

Is there a way to do this

Api Access

The Superuser (readonly) have the API Access enabled by default?

How to scan SFTP over SSH file transfers for virus or malware

Hi all,

I just set up SSH decryption, also known as SSH proxy on the palo alto.

When I look at the actual sessions, I do see a checked box near to decrypted, so according to me the decryption itself works.

I also got a warning about a man in the middle

ION to ION (hub's) Standard VPN with BGP, route filtered and not reachable

I have a Hub to Hub standard VPN to connect the two together in place of a MPLS. The are peered with a Classic BGP session, site one sending a /20 prefix it has learned from it's core router. Site two sees that from the BGP Peer, but the route will