Displaying 1 to 30 of 11258

MineMeld Advice/Lesson Learned

I will be installing and using MineMeld on a virtual RHEL 7 Server. I was wondering if the community had any advice/lessons learned from the installation, use, and implementation of MineMeld at their organizations. Thank you!
SecurityTechStudent55,
  • 0
  • 0

Palo Alto with Cisco IPS

Does anyone have experience integrating a Palo Alto firewall with a Cisco Intrusion Prevention System? Does it work? Does it make sense?
Xpert.kz,
  • 0
  • 0

Changing the ML Address

Changing the ML address to "localhost", it keeps going back to the IP assigned to the virtual ethernet interface. Did we ever come up with a way to force it to change to and keep "localhost"?
Tim_Grossner,
  • 0
  • 1

Reaper the Rockstar!

Looks like the Northern Ohio chapter of the Palo Alto Networks Fuel User Group has an eye for rockstars, too! We couldn't agree more with the chapter's recognition of Tom and its warm invitation to have Tom attend a chapter meeting with the Cleveland-based group. Moreover, in keeping with Tom's growing
editeur,
  • 0
  • 0

News of the Week: July 14, 2018

Catch up on all the latest Palo Alto Networks news.
Justin Hall,
  • 0
  • 0

Evident Auto-Remediation is not working as expected

Symptoms Configured auto-remediation using this guide: http://docs.evident.io/#auto-remediation-via-lambda-walkthrough, but the offending resource is not automatically remediated. Diagnosis Configure an AWS resource that would trigger the signature. Wait for the fail alert to generate.  It may take up to 2 scan intervals (by default, 1 scan interval is 15 minutes). Once the alert
kchen,
  • 0
  • 1

Evident Updates - July 11, 2018 (and prior)

Weekly Scheduled Deploy - July 11 2018   The following updates are scheduled to take effect on the Evident service on 7/11/2018:   Enhancements New Signature: AWS:EC2-043 - Security Groups With Open Private CIDRs Description: This signature checks all of your EC2 security groups and returns an alert if any inbound rules
kchen,
  • 0
  • 1

LiveWeek 13 Jul 2018

RDP access to Citrix via GlobalProtect clientless VPN Enabling RDP access to Citrix environment through GlobalProtect Clientless VPN GlobalProtect Clientless VPN supports access to remote desktops (RDPs), VNC or SSH. Learn how to enable your existing Citrix deployment to provide support for RDP through GlobalProtect Clientless VPN. Read more...  
editeur,
  • 0
  • 1

Importing rules into Expedition from a Firewall managed by Panorama

I'm wanting to do some policy work (app-id migration) on a firewall that is basically 100% managed by Panorama.  Don't want to mess with all others yet.  How do I get the policy set that's managed in Panorama for just one firewall into Expedition?
Tony_Kiser,
  • 0
  • 0

Channel Scoop: July 13, 2018

Get the latest NextWave Partner news in this week's Channel Scoop.
Roxanne Edwards,
  • 0
  • 0

Upatre Continued to Evolve with new Anti-Analysis Techniques

Unit 42 monitors the continued evolution of Upatre and its anti-analysis techniques.
Mike Harbison, Brittany Ash,
  • 0
  • 1

New Error Message I've Not Seen Before

Caught this in the temporary file for log processing...     # There is insufficient memory for the Java Runtime Environment to continue. # Native memory allocation (mmap) failed to map 113700864 bytes for committing reserved memory. # An error report file with more information is saved as: # /tmp/hs_err_pid51410.log
Tim_Grossner,
  • 0
  • 0

Minemeld install error on RHEL

I am attempting to perform an ansible install of Minemeld on RHEL 7. I am receiving the following error. Anyone seen this and have any suggestions for remediation?  Thanks   I receive the following message when I run the ansible playbook:   TASK [minemeld : bower install] ********************************************************************************** fatal: [127.0.0.1]:
taustin,
  • 0
  • 0

July Apps are here! (shortly)

For the month of July 2018 the new application release date is set to be the 17th. This time around a couple of important updates will be added to the sharepoint 'portfolio' which you'll want to compare to your existing security policy and user adoption to ensure you are ready
reaper,
  • 0
  • 0

Log import of Pano managed firewall no longer works after upgrade to 1.0.99.1

I was able to parquet logs every day for 10 days.  After the upgrade, Expedition no longer sees new files.  Path and permissions have not changed.   A stand-alone firewall has no issue.   Should I delete the Pano and managed devices and recreate?
Esfeld,
  • 0
  • 1

Anomali Limo Miner Creation

Hello, First, I am not a programmer, so please keep that in mind ;-) I would like to create a miner for the Anomali Limo TAXII feed. The Anomali documentation is not very good:   You can also get the benefits of Limo without STAXX. Simply: Configure your TAXII
Jon-Irish,
  • 0
  • 0

Antivirus block page presents inconsistent behavior

Question Testing a virus download from different websites using SSL Decryption yields different results. Sometimes you receive a response page indicating Virus/Spyware Download block, and on other sites you don't see a response page. In the first case, you can also see that whenever the response page is triggered, a
mivaldi,
  • 0
  • 0

Threat Brief: Why You Need to Be Careful of Links in Email

Unit 42 investigates how attackers were creating fake versions of some well-known and well-trusted websites, and how they were used in phishing emails to unsuspecting victims. Read the Threat Brief to learn more.
Christopher Budd,
  • 0
  • 1

GUESS?, INC.

Learn how Kevin Wilson, Corporate Information Security Manager, replaced their legacy antivirus solution at all Guess? retail locations with Traps to protect their stores from breaches and cyberthreats. With its ease of setup and its catch rate for malware, Traps exceeds all expectations. Having the Palo Alto Networks Security Operating Platform provides Guess? with the information they need to evaluate and act on threats to their retail and corporate environment.
  • 0
  • 112

API documentation

Hi,   I want to query MineMeld using the API, in order to get indicators or information about the tool, to automate some reports. For example, I need to know how many indicators we have added in the last X days, or last month..., how many indicators are in some
miguel.tubia,
  • 0
  • 1

Look What's Riding your Network

A Deeper Look at Growing Threats to Mobile Networks and Subscribers
  • 1
  • 4262

Need to Verify traffic.

Hello All,   I am using a PA-820, and I only have CLI access to the device. I need to verify traffic from a particular source and destination on the device. Do we have any commands to do that? Maybe something like packet tracer to get all the routes / ACL
shresth91,
  • 0
  • 0

I know an external account exists, but I can't find it. Why?

Question I know an external account exists, but I can't find it.  Why? Answer There are many reasons for this, but the most common one is that your user does not have permissions to view this external account.  To check, login to Evident platform, go to Control Panel -> Users,
kchen,
  • 0
  • 1

Understanding Security Profiles

  PA newbie here!  I am digging in to the PA traffic processing algorithm & on the 4th leg of the process I see that the traffic is allowed at this point but gets scanned against the configured security profile.  This sounds like where IPS comes into the picture am I correct? 
MarioMarquez,
  • 0
  • 0

Unit 42 Vulnerability Research July 2018 Disclosures – Adobe

As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have discovered eight vulnerabilities.
Christopher Budd,
  • 0
  • 0

Q4 FY18 Global Partner Webinar Recap

Watch the replay of the Q4 FY18 Global NextWave Partner Webinar.
Carrie Krinock,
  • 0
  • 2

HEAnet

Ireland’s National Education & Research Network protects more than a million students and teachers from cyberthreats with the Security Operating Platform.
  • 0
  • 717

VM-Series Specsheet

The VM-Series has been optimized and expanded to deliver industry-leading performance of up to 16Gbps of App-ID-enabled firewall throughput across five models.
  • 5
  • 49737

Allow access to embedded YouTube videos and block others

How to allow access to YouTube videos embedded in a website, but block access to other YouTube videos   Use Case:    An administrator of the Palo Alto Networks next-generation firewall wants to enable students/employees to watch YouTube videos embedded in their website, but block access to all other YouTube videos.  
sshibiraj,
  • 0
  • 0

MineMeld engine:fatal message

I'm getting the below message in my minemeld logs and not sure what is causing it     2018-07-11T00:30:28 (16652)config._destroy_old_nodes INFO: Destroyed nodes: [_ConfigChange(nodename=u'Amazon_IPv4_Agg_General', nodeclass=u'minemeld.ft.ipop.AggregateIPv4FT', change=1, detail={'inputs': ['Amazon_AWS', 'Amazon_CloudFront', 'Amazon_EC2', 'Amazon_S3', 'Amazon_Route53_Agg'], 'config': {'whitelist_prefixes': ['Amazon', 'wl'], 'infilters': [{'conditions': ["__method == 'withdraw'"], 'name': 'accept withdraws', 'actions': ['accept']}, {'conditions': ["type == 'IPv4'"], 'name':
johnsonto,
  • 0
  • 1