[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Network Security](https://www.paloaltonetworks.com/cyberpedia/network-security?ts=markdown) 3. [How to Troubleshoot a Firewall | Firewall Issues \& Solutions](https://www.paloaltonetworks.com/cyberpedia/how-to-troubleshoot-common-firewall-issues?ts=markdown) Table of Contents * [What are the most common firewall issues?](#what) * [How to troubleshoot a firewall](#how) * [Step 1: Know your troubleshooting tools](#tools) * [Step 2: Audit your firewall](#audit) * [Step 3: Identify the issue](#identify) * [Step 4: Determine traffic flow](#flow) * [Step 5: Address connectivity issues](#address) * [Step 6: Resolve performance issues](#resolve) * [Step 7: Maintain your firewall](#maintain) * [Why firewall testing is critical and how to do it](#why) * [Step 1: Review firewall rules](#rules) * [Step 2: Assess firewall policies](#assess) * [Step 3: Verify access control lists (ACLs)](#verify) * [Step 4: Perform configuration audits](#perform) * [Step 5: Conduct performance testing](#conduct) * [Step 6: Log and monitor traffic](#log) * [Step 7: Validate rule effectiveness](#validate) * [Step 8: Check for policy compliance](#check) * [Firewall troubleshooting tips, tricks, and best practices](#practices) * [Firewall issues FAQs](#faqs) # How to Troubleshoot a Firewall | Firewall Issues \& Solutions 5 min. read Table of Contents * [What are the most common firewall issues?](#what) * [How to troubleshoot a firewall](#how) * [Step 1: Know your troubleshooting tools](#tools) * [Step 2: Audit your firewall](#audit) * [Step 3: Identify the issue](#identify) * [Step 4: Determine traffic flow](#flow) * [Step 5: Address connectivity issues](#address) * [Step 6: Resolve performance issues](#resolve) * [Step 7: Maintain your firewall](#maintain) * [Why firewall testing is critical and how to do it](#why) * [Step 1: Review firewall rules](#rules) * [Step 2: Assess firewall policies](#assess) * [Step 3: Verify access control lists (ACLs)](#verify) * [Step 4: Perform configuration audits](#perform) * [Step 5: Conduct performance testing](#conduct) * [Step 6: Log and monitor traffic](#log) * [Step 7: Validate rule effectiveness](#validate) * [Step 8: Check for policy compliance](#check) * [Firewall troubleshooting tips, tricks, and best practices](#practices) * [Firewall issues FAQs](#faqs) 1. What are the most common firewall issues? * [1. What are the most common firewall issues?](#what) * [2. How to troubleshoot a firewall](#how) * [3. Step 1: Know your troubleshooting tools](#tools) * [4. Step 2: Audit your firewall](#audit) * [5. Step 3: Identify the issue](#identify) * [6. Step 4: Determine traffic flow](#flow) * [7. Step 5: Address connectivity issues](#address) * [8. Step 6: Resolve performance issues](#resolve) * [9. Step 7: Maintain your firewall](#maintain) * [10. Why firewall testing is critical and how to do it](#why) * [11. Step 1: Review firewall rules](#rules) * [12. Step 2: Assess firewall policies](#assess) * [13. Step 3: Verify access control lists (ACLs)](#verify) * [14. Step 4: Perform configuration audits](#perform) * [15. Step 5: Conduct performance testing](#conduct) * [16. Step 6: Log and monitor traffic](#log) * [17. Step 7: Validate rule effectiveness](#validate) * [18. Step 8: Check for policy compliance](#check) * [19. Firewall troubleshooting tips, tricks, and best practices](#practices) * [20. Firewall issues FAQs](#faqs) The most common firewall issues can range from minor misconfigurations to significant hardware failures. The firewall troubleshooting process involves auditing the firewall to identify issues, determining traffic flow, and using troubleshooting tools to diagnose connectivity or performance problems. Once identified, firewall issues are addressed, followed by ongoing maintenance for optimal operation. ## What are the most common firewall issues? The most common firewall issues include: * Misconfiguration errors * Software vulnerabilities * Hardware issues * Connectivity issues * Performance issues * Missing or inadequate firewall policies ![Top common firewall issues](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/top-common-firewall-issues.png) Fortunately, all [firewall](https://www.paloaltonetworks.com/cyberpedia/what-is-a-firewall?ts=markdown) issues have solutions. By knowing how to recognize common problems and taking proactive measures, you can ensure your firewalls operate correctly and continue to provide proper network protection. Let's dive into the details of both firewall issues and their solutions. ### Misconfiguration errors ![Common firewall misconfiguration mistakes](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/common-firewall-misconfiguration-mistakes.png) Misconfiguration is well known as the leading cause of firewall failures. This can happen if [firewall rules](https://www.paloaltonetworks.com/cyberpedia/what-are-firewall-rules?ts=markdown) are not properly set, which leads to vulnerabilities, and eventually, unauthorized access. Like this: ![Firewall misconfiguration attack example](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/firewall-misconfiguration-attack-example.png) Allowing unnecessary services, not disabling unused ports, or misconfiguring IP addresses can also open your network to attacks. **Solution:** To avoid these issues, always ensure that your firewall settings are correctly configured and regularly audited. ### Software vulnerabilities Like any software, firewalls can have vulnerabilities. Hackers can exploit these weaknesses to gain unauthorized access to your network. *** ** * ** *** Software vulnerabilities were behind the largest-scale attack campaigns in 2023, leading the charge in terms of ways attackers gain access. In 11.5% of the incidents, insufficient patch management was a contributing factor. *-[Palo Alto Networks Unit 42 Incident Response Report 2024](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report-2024?ts=markdown)* *** ** * ** *** Needless to say, keeping your firewall software up to date with the latest patches and updates is crucial. It's only a matter of time--unpatched vulnerabilities on internet-facing systems will be exploited. **Solution:** * Measure and reduce your attack surface. * Regularly check for updates from your firewall vendor and apply them promptly to mitigate risks. ### Hardware issues Hardware problems affect firewall performance. Firewalls running on outdated or overloaded hardware can cause network slowdowns and failures. Which means negatively impacted business operations. ![Firewalls running on overloaded hardware, leading to a network slowdown](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/firewalls-running-on-overloaded-hardware.png) **Solution:** If your [firewall hardware](https://www.paloaltonetworks.com/cyberpedia/what-is-a-hardware-firewall?ts=markdown) is underperforming, consider upgrading to higher-capacity devices. ### Connectivity issues Firewalls can sometimes block legitimate traffic, and that leads to connectivity issues. ![A firewall block legitimate traffic due to excessively restrictive firewall rules, leading to connectivity issues](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/firewall-block-legitimate-traffic.png) This can happen if firewall rules are too restrictive or improperly configured. **Solution:** * Ensuring your firewall rules are well-defined and tested can prevent unnecessary connectivity problems. * Lean on firewall monitoring and analysis tools to identify and resolve these issues, such as: * Centralized management tools * Analytics and monitoring tools * Firewall policy optimizers ### Performance issues Performance issues can arise from complex firewall rules or high network traffic. **Solution:** * Load balancing can help distribute network traffic more evenly, reducing the load on your firewall and enhancing overall network performance. * Simplifying firewall rules and optimizing network traffic can also improve performance. **For example:** This firewall rule has many conditions (e.g. multiple ports, specific subnets, etc). Which makes it difficult to manage, troubleshoot, and maintain. ` Allow TCP traffic 192.192.1.2/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` ` Allow TCP traffic 192.192.1.4/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` ` Allow TCP traffic 192.192.1.5/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` ` Allow TCP traffic 192.192.1.8/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` ` Allow TCP traffic 192.192.1.6/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` ` Allow TCP traffic 192.192.1.11/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` ` Allow TCP traffic 192.192.1.21/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` ` Allow TCP traffic 192.192.1.32/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` ` Allow TCP traffic 192.192.1.41/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` ` Allow TCP traffic 192.192.1.66/32 to 172.16.0.0/16 on ports 80, 443, 8080, 8443, 9000, 9443` `with logging for every successful and failed connection attempt.` Let's simplify it, like so: `Allow HTTP traffic from 192.168.1.0/24 to 172.16.0.0/16 on ports 80 and 443, with logging for failed connection attempts.` ` Allow TCP traffic from 192.168.1.0/24 to 172.16.0.0/16 on ports 8080 with logging for failed connection attempts.` ` Allow TCP traffic from 192.168.1.0/24 to 172.16.0.0/16 on ports 8443 with logging for failed connection attempts.` ` Allow TCP traffic from 192.168.1.0/24 to 172.16.0.0/16 on ports 8080 with logging for failed connection attempts.` ` Allow TCP traffic from 192.168.1.0/24 to 172.16.0.0/16 on ports 9433 with logging for failed connection attempts.` ` ` The updated rule focuses on the core requirement---allowing HTTP/HTTPS traffic between the two networks---and logs only the necessary information, with individual rules to troubleshoot. And that reduces complexity without sacrificing essential security or functionality. ### Missing or inadequate firewall policies Having clear and comprehensive firewall policies is key. Without proper policies, your firewall might not protect the network effectively. Plus, missing or inadequate policies can lead to security breaches and non-compliance with industry regulations. **Solution:** Ensure that your firewall policies are well-documented, regularly reviewed, and updated to reflect the latest security best practices. Now that we've identified the main sorts of firewall issues you might come across, let's move onto the actual firewall troubleshooting process. *** ** * ** *** ***Further reading:** [What Is Firewall Configuration? | How to Configure a Firewall](https://www.paloaltonetworks.com/cyberpedia/what-is-firewall-configuration?ts=markdown)* *** ** * ** *** ## How to troubleshoot a firewall ![How to troubleshoot firewall](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/how-to-troubleshoot-firewall.png) Troubleshooting a firewall generally includes seven primary steps: 1. Knowing your troubleshooting tools 2. Auditing the firewall 3. Identifying the issue 4. Determining traffic flow 5. Addressing connectivity issues 6. Resolving performance issues 7. Maintenance Combined, firewall troubleshooting steps make up a systematic approach to identifying and resolving issues. Let's walk through each. ## Step 1: Know your troubleshooting tools A good place to start when troubleshooting your firewall is simply being aware of the different diagnostic tools you have at your disposal. With logs, monitoring tools, and network testing utilities, you can identify where issues may exist and use that information to guide the troubleshooting process. Here are a few common tools and tactics that can assist in troubleshooting firewall issues: * **Event logs:** Event logs provide insights into what's happening within your firewall. * **Debugging tools:** These can help identify specific issues and analyze the behavior of the firewall. * **SNMP monitoring:** Useful for performance issues and monitoring CPU usage. * **Connectivity tests:** Use ICMP or UDP packets to check network and internet connections. * **Router \& IP address verification:** Ensure ARP tables and subnet configurations are accurate. Knowing what you've got and relying on the right tools allows you to approach next steps with more insight and focus. ## Step 2: Audit your firewall Start by auditing both the hardware and software of your firewall (depending on the product you're using). A thorough audit will help you understand the current state of your firewall and spot any discrepancies. Make sure your firewall rules, software updates, and hardware settings are in line with security policies. ![Strata Cloud Manager unified policy management](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/strata-cloud-manager-unified-policy-management.png) Policy management software can assist in ensuring that your security policies are comprehensive and up-to-date. Above is an example of the user experience provided by Strata Cloud Manager. These sorts of tools allow network security admins to take a holistic look at security policies in the firewall auditing process. ## Step 3: Identify the issue ![Three categories of firewall problems](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/three-categories-of-firewall-problems.png) Pinpointing the exact issue is crucial. Firewall problems generally fall into three categories: 1. Access from external networks or devices to protected resources. 2. Access from protected networks or resources to unprotected resources. 3. Access to the firewall itself. Knowing where the problem lies will allow you to target your troubleshooting efforts effectively. ## Step 4: Determine traffic flow Once the issue is identified, the next step is to determine whether the issue arises from traffic going to the firewall or passing through it. * Use traffic monitoring tools to monitor traffic and see where it's being dropped or redirected. * Check if traffic is reaching the firewall but not being forwarded properly (e.g., misconfigured routing rules). * Analyze inbound and outbound traffic logs to see if data is moving as expected. For example, here's a scenario where a Telnet session failed from the source system, identified by using PAN-OS to take a packet capture. ![Taking a custom packet capture in PAN-OS](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/taking-a-custom-packet-capture-in-pan-os.png) ## Step 5: Address connectivity issues Connectivity issues can usually be identified using network diagnostic tools. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/pan-os-app-scope-overview-summary-report.png) These tools help verify whether an application is listening on the expected IP address and can aid in diagnosing network connectivity problems: * **Connection monitoring tools:** These tools help detect connectivity problems by showing active connections and listening ports. * **Network management utilities:** These are used to manage network connections and traffic, offering advanced functionality for troubleshooting connectivity issues on various operating systems. ## Step 6: Resolve performance issues Performance issues can be the result of high network traffic or complex firewall rules. Here are a few tactics for improving performance: * **Streamline network traffic:** Ensure that outgoing traffic adheres to your company's policies. Identify and correct any internal servers sending incorrect requests. * **Filter incoming traffic:** Use standard access control list (ACL) filters to route and manage incoming traffic effectively. * **Simplify firewall rules:** Reduce the complexity of firewall rules by removing unused rules and objects. Simplified rules enhance performance and ease maintenance. Rely on the network analytics and visibility tools or features at your disposal to get an overview of network activity and identify spikes in usage. For instance: ![Strata Cloud Manger Summary](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/strata-cloud-manger-summary.png) The Strata Cloud Manager Summary view provides a comprehensive view of network performance. Here, users can see real-time traffic, threats, and user activity so that admins can quickly identify and resolve performance issues. ## Step 7: Maintain your firewall Though not an immediate part of the troubleshooting process, routine maintenance is definitely key to preventing future issues. Regularly monitor network performance, review firewall rules, and stay updated with the latest security patches. A proactive approach helps keep your firewall in optimal condition, and lessens the risk of future problems. *** ** * ** *** ***Note:** The exact features of firewall troubleshooting tools vary depending on the vendor and solution.* *** ** * ** *** ## Why firewall testing is critical and how to do it ![How to test a firewall](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/how-to-test-a-firewall.png) Firewall testing is the proactive process of ensuring that your firewall is configured correctly and functions as expected to protect your network, before problems arise. The firewall testing process involves: 1. Reviewing firewall rules 2. Assessing firewall policies 3. Verifying access control lists 4. Performing configuration audits 5. Conducting performance testing 6. Logging and monitoring traffic 7. Validating rule effectiveness 8. Checking for policy compliance It's worth noting: Firewall testing is different from troubleshooting because it emphasizes proactively verifying the firewall's configuration and performance rather than responding to an existing issue. There are plenty of tools available for firewall testing. Some are proprietary and provided by firewall vendors, while others are open source and free to use. *** ** * ** *** ***Note:** Firewall testing and penetration testing are distinct but related concepts. General firewall testing focuses on verifying that the firewall is properly configured and functioning as expected, while penetration testing aims to identify and exploit vulnerabilities within the firewall and network defenses.* *** ** * ** *** ## Step 1: Review firewall rules * **Objective:** Ensure that firewall rules are correctly configured to allow legitimate traffic and block unauthorized access. * **Action:** Review each rule to confirm it aligns with your security policies. **For example:** This firewall rule is problematic because it's too broad: `Allow all inbound traffic from 0.0.0.0/0 to 192.168.1.0/24 on ports 80, 443, 22.` Allowing traffic from any IP address (0.0.0.0/0) opens the network to unnecessary risk, as it permits access from any source without restrictions. Also, the rule exposes port 22 (SSH), which is often a target for brute-force attacks or unauthorized access, to the entire internet. Not to mention, the rule lacks the necessary restrictions to ensure only legitimate traffic reaches internal resources. This updated rule addresses these deficiencies by restricting the source IP range to a trusted network (172.16.16.0/23), minimizing exposure to external threats: `Allow all inbound traffic from 0.0.0.0/0 to 192.168.1.0/24 on ports 80, 443` `Allow all inbound traffic from 172.16.16.0/23 to 192.168.1.0/24 on ports 22` Now Port 22 (SSH) is only open to a specific, internal trusted VPN subnet (172.16.16.0/23), significantly reducing the risk of unauthorized access. ## Step 2: Assess firewall policies ![Firewall access policy rule sets](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/firewall-access-policy-rule-sets.png) * **Objective:** Ensure that firewall policies are comprehensive and effectively enforced. * **Action:** Check the policies for different network zones (e.g., internal, external) and ensure they comply with your security requirements. ## Step 3: Verify access control lists (ACLs) ![ACL configuration example](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/acl-configuration-example.png) * **Objective:** Confirm that ACLs are configured to permit only authorized users and devices. * **Action:** Review and update ACLs to ensure they accurately reflect current access permissions. ## Step 4: Perform configuration audits ![How to perform a firewall configuration audit](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/how-to-perform-a-firewall-configuration-audit.png) * **Objective:** Regularly audit firewall configurations to ensure they meet organizational standards. * **Action:** Use configuration management tools to compare current settings against a baseline configuration, and check that no unauthorized changes have been made to firewall settings. ## Step 5: Conduct performance testing * **Objective:** Ensure that the firewall is performing efficiently without causing network slowdowns. * **Action:** Test the firewall's performance under typical and peak load conditions. ## Step 6: Log and monitor traffic * **Objective:** Monitor firewall logs to detect any anomalies or unauthorized access attempts. * **Action:** Regularly review and analyze logs to identify potential security incidents. Set up alerts for unusual traffic patterns or repeated access attempts from unknown IP addresses. For instance: Let's say you notice a sudden spike in outbound traffic from a server that typically only handles inbound requests. A web server, which usually only receives HTTP/HTTPS requests, is now sending large amounts of outbound traffic to multiple unknown external IP addresses on non-standard ports (e.g., port 6667 used for IRC). This could indicate that the server has been compromised and is now part of a botnet, sending commands or data to external malicious entities. Such traffic patterns would be unusual for a web server and should trigger an alert for further investigation. ## Step 7: Validate rule effectiveness ![How to validate firewall rule effectiveness](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/how-to-validate-firewall-rule-effectiveness.png) * **Objective:** Confirm that firewall rules are effectively preventing unauthorized access. * **Action:** Simulate typical network traffic to test rule enforcement. ## Step 8: Check for policy compliance ![Firewall compliance audit steps](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/firewall-compliance-audit-steps.png) * **Objective:** Ensure that firewall configurations comply with organizational security policies and regulatory requirements. * **Action:** Conduct regular compliance checks and update configurations as necessary. *** ** * ** *** *Further reading: [Key Firewall Best Practices](https://www.paloaltonetworks.com/cyberpedia/firewall-best-practices?ts=markdown)* *** ** * ** *** ## Firewall troubleshooting tips, tricks, and best practices Now that we've covered firewall issues and solutions top to bottom, let's conclude with just a few firewall troubleshooting best practices worth mentioning. ### Document all changes and updates Keep a log of all configuration changes, updates, and troubleshooting actions. Having a history to reference is extremely helpful in diagnosing future issues and ensuring compliance. ### Back up firewall configurations on the regular Always have a backup of your firewall configuration before making changes or updates. That way, if something goes wrong, you can quickly revert to a known good state. ### Monitor user activity on the firewall Track who is making changes to the firewall rules and configurations. Accountability is key, plus it might highlight issues caused by human error. ### Use layered security Make sure firewalls are just one component of a layered [network security](https://www.paloaltonetworks.com/cyberpedia/what-is-network-security?ts=markdown) strategy. Relying solely on firewalls can leave gaps in protection. This could involve integrating [intrusion detection systems (IDS)](https://www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-detection-system-ids?ts=markdown) or [endpoint protection](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security?ts=markdown) solutions, depending on your specific network security needs and objectives. ### Always test after major network changes If there are significant changes to the network (e.g., adding new services or infrastructure), perform a comprehensive test of the firewall rules to ensure everything is still functioning as expected. ### Clean up firewall rules periodically Clean up unused, redundant, or outdated firewall rules regularly. This will lessen complexity and minimize performance bottlenecks. ### Establish a response plan for firewall failures Prepare a documented, complete incident response plan specifically for firewall failures. It's important that the team knows exactly what to do if the firewall goes down. *** ** * ** *** *Further reading: [What Is an Incident Response Plan? | Getting Started](https://www.paloaltonetworks.com/cyberpedia/incident-response-plan?ts=markdown)* *** ** * ** *** [![Try Strata Cloud Manager free for 90 days.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-to-troubleshoot-common-firewall-issues/demand-gen-banner-strata-cloud-manager.png)](https://start.paloaltonetworks.com/strata-cloud-manager-free-trial.html) [](https://start.paloaltonetworks.com/strata-cloud-manager-free-trial.html) [](https://start.paloaltonetworks.com/strata-cloud-manager-free-trial.html) ## Firewall issues FAQs ### What are firewall issues? The primary firewall issues encountered are misconfiguration errors, software vulnerabilities, hardware issues, connectivity issues, performance issues, and missing or inadequate firewall policies. ### What is the most common cause of firewall failure? The most common cause of firewall failure is misconfiguration. ### What causes a firewall to go down? Firewalls can go down due to hardware failures, software vulnerabilities, misconfigurations, or excessive traffic overwhelming the system. ### How do I check for firewall issues? To check for firewall issues, regularly review logs, audit the firewall configuration, and use network monitoring tools to identify connectivity or performance problems. ### How do I run a firewall check? To run a firewall check, log into the firewall's management interface and review the configuration, run a firewall test, and check logs for any unusual activity or misconfigurations. ### How do I run a firewall test? To run a firewall test, use firewall testing tools to review rules, assess policies, check access control lists (ACLs), and perform performance testing to verify if the firewall is working as expected. ### How do you check if a firewall is blocking or not? To determine whether a firewall is blocking, review the firewall logs or use diagnostic tools to verify if specific traffic is being allowed or blocked by the firewall. ### How do I fix firewall restrictions? To fix firewall restrictions, review the firewall rules and adjust them to allow legitimate traffic and block unauthorized access. Ensure the rules align with your organization's security policies. ### How do you diagnose firewall problems? To diagnose firewall problems, audit the firewall configuration, check logs for errors, monitor traffic flow, and use diagnostic tools to identify and address issues with performance or connectivity. ### What is the biggest problem with a firewall? Misconfiguration is the leading problem with firewalls, allowing unauthorized access due to improperly set rules or policies. ### How do I know if my computer is behind a firewall? To determine whether your computer is behind a firewall, check the network settings or use firewall testing tools to verify if your traffic is passing through a firewall before reaching the internet. Related content [Solution brief: Strata Cloud Manager^™^ Get the details on Strata Cloud Manager^™^, the first AI-Powered management and operations solution.](https://www.paloaltonetworks.com/resources/techbriefs/strata-cloud-manager?ts=markdown) [Blog: Hotel Customer Simplifies Network Security with Strata Cloud Manager See how this hotel makes changes to firewall policies with just a few clicks.](https://www.paloaltonetworks.com/products/product-selection?ts=markdown) [Video: Strata Cloud Manager^™^ Discover Strata Cloud Manager:^™^ a better way to easily manage your Palo Alto Networks firewalls.](https://www.paloaltonetworks.com/resources/videos/strata-cloud-manager?ts=markdown) [White paper: Modernize Your Network Security With Artificial Intelligence Learn key principles to adopting a zero trust, AI-powered approach to network security.](https://www.paloaltonetworks.com/resources/whitepapers/modernize-your-network-security-with-artificial-intelligence?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=How%20to%20Troubleshoot%20a%20Firewall%20%7C%20Firewall%20Issues%20%26%20Solutions&body=Firewall%20issues%20range%20from%20misconfigurations%20to%20hardware%20failures.%20Firewall%20troubleshooting%20involves%20auditing%2C%20issue%20identification%2C%20and%20resolution.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/how-to-troubleshoot-common-firewall-issues) Back to Top {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language