Date

By Source

By Technology

By Services

By Audience

Displaying 10141 to 10170 of 10861

Applications Scanned for Viruses

Overview The Palo Alto Networks device supports anit-virus scanning for the following applications: ftp http https: (if SSL decrypt is enabled) imap pop3 smb SMBv2 Note: file blocking is also supported for SMBv2. However, there is a limitation when multiple files are sent at the same time. Because SMBv2 sends

nrice,
  • 0
  • 0

Firewall rules management fine-tunes operations

Organizations have been building security into their business infrastructure to avoid incurring additional acquisition and operational costs from standalone security products.

  • 0
  • 1795

Social media messaging is getting around traditional firewalls

Is the firewall obsolete? Probably not, but current implementations were never designed to cope with the threats posed by Webmail, various social networking tools, and even popular corporate collaboration applications like SharePoint and WebEx.

  • 0
  • 1608

Configuring Administrator Authentication with Windows 2008 RADIUS Server (NPS/IAS)

Overview This document describes the steps to configure admin authentication with a Windows 2008 RADIUS server. The prerequisites for this configuration are: L3 connectivity from the management interface or service route of the device to the RADIUS server. A Windows 2008 server that can validate domain accounts. Steps Part 1:

nrice,
  • 0
  • 1

Panorama document - Japanese

This document is written in Japanese. Panoramaのインストール、設定方法を記述したホワイトペーパーです。 [PanoramaのFAQ] Q: PanoramaのライセンスはVSYS数に関係しますか? A: いいえ。Panoramaのライセンスは物理筐体にのみ関係します。 たとえば 25 devices ライセンスの場合、VSYSを125個持つPA-4050 を25台管理することも可能です。 Q: バージョン3.1ではVMwareのパーティション上限により2TBまで しかログを保存できないという制限があります。過去のログを残す にはどうすればよいでしょう? A: 以下の方法があります。 1. CLIのscp export log [ data | traffic | threat | url ] コマンドを使うとcsv形式 でログをエクスポートできます。 2. Syslogサーバを設定してLog Forwardingオブジェクトを生成し、セキュ リティポリシーのOptionで指定します。(PANデバイスから直接Syslog サーバへログ転送する場合と同じ) 3. scp export logdbコマンドを使うとすべてのログをscpサーバへエクスポート します。エクスポートされたバイナリファイルは scp import

kmiwa,
  • 0
  • 0

Network Security Check-Up for Health Care Networks

Health care providers are an interesting situation with regard to network security. Like many industries, they’re dealing with rapid technological change in the face of a variety of regulations – in the U.S. health care industry it’s HIPAA and HITECH, and PCI – focused on the portability, security and privacy of PHI and the security of patients’ credit card data, respectively.

  • 0
  • 1730

Network Security Check-Up for Health Care Networks

Health care providers are an interesting situation with regard to network security.  Like many industries, they’re dealing with rapid technological change in the face of a variety of regulations – in the U.S. health care industry it’s HIPAA and HITECH, and PCI – focused on the portability, security and privacy of PHI and the security of patients’ credit card data, respectively. At the same time, their users are adopting many of the same high-risk, high-reward applications that users in other industries are adopting.  The problem, as in most industries, is …

Palo Alto Networks,
  • 0
  • 0

NAT-Traversal in an IPSEC Gateway

Details NAT traversal is required when address translation is performed after encryption. With this option enabled, the firewall will encapsulate IPSEC traffic in UDP packets allowing the next device over to apply address translation to the UDP packet's IP headers. Note: Encapsulating IPSEC in UDP is likely to require an

nrice,
  • 0
  • 0

Palo Alto Networks Credited with Discovering Two Important Microsoft Office Vulnerabilities Included in December Microsoft Security Bulletin

Microsoft Credits Next-Generation Firewall Provider with Identifying Five Vulnerabilities in 2010

San Jose, Calif.
  • 0
  • 232

What’s APPening with FASP

A big shortcoming of traditional file transfer protocols such as FTP or HTTP has been the impact on throughput that results from TCP’s aggressive congestion control mechanism; especially when transferring large data files over wide area networks. Aspera’s FASP is an application layer protocol that is among the many alternatives that have been designed to address this issue. It uses UDP instead of TCP as the underlying transport layer and leverages the fact that bulk file transfer does not require in-order delivery of byte streams. 

  • 0
  • 0

Palo Alto Networks Named "Best Solution" for 2010 By the Government Technology Research Alliance

Palo Alto Networks recognized for excellence by government technology sector

San Jose, Calif.
  • 0
  • 242

AVR guide - Japanese

[This document is written in Japanese] AVR (Application Visibility and Risk Report) バージョン2.0のドキュメント集です。 (2.0から日本語に対応しました。) AVRはプリセールス活動で使うツールで、貸出機を見込み顧客のサイトにTAPモード等で 設置することでゲートウェイを流れるトラフィックを収集し、どのような通信傾向にある か、危険な通信はないか、といったレポートを作成します。 AVRを作成してお客様に説明することで、受注確度を高めます。 【ドキュメントの種類】 AVR_Reporting_tool_user_guide_JP.pdf: AVRの生成ツールのユーザガイド Generating an AVR Reportv2_JP.pdf: AVRの販社教育用プレゼンテーション AVR_JP_example.pdf: 日本語のAVRサンプル owner: kmiwa

kmiwa,
  • 0
  • 0

Which is Riskier: Consumer Devices or the Applications In Use?

A somewhat rhetorical question really. Much like which came first, the chicken or the egg. In his ThreatPost article, George Hulme highlights the challenges and risks associated with allowing consumer-owned devices (phones, laptops, netbooks, tablets) onto corporate networks.

Matt Keil,
  • 0
  • 0

Palo Alto Networks Initiates Search for Top Executive

Rapid growth and established leadership in next generation network security market results in company leadership transition

San Jose, Calif.
  • 0
  • 261

How to Configure U-Turn NAT

Overview “U-turn” refers to the logical path traffic appears to travel when accessing an internal resource when the external address are resolved. U-turn NAT refers to a network where internal users need to access an internal server using the server’s external public IP address.     Details For this example,

nrice,
  • 0
  • 1

The new Facebook threat to business

The Boy Billionaire, aka Facebook CEO Mark Zuckerberg, has done it again. His proposal to turn Facebook messaging into a sort of universal communications platform is probably the worst idea of the year. It's bad for the privacy of users and for corporate IT, which will have to deal with a huge spike in hard-to-defend Webmail.

  • 0
  • 1586

Protection Against Conficker

If you are reading this blog, you probably already know what Conficker is. If you don’t, then Conficker is one of the prominent viruses from last few years that continues to infect computers running Microsoft Windows through its several variants. Conficker is also reportedly building a botnet of the infected machines; botnets are used to generate spam and launch Distributed Denial Of Service (DDoS) attacks. A report earlier this year by Qualys indicated that 1 in 10 computers running Windows are still vulnerable to Conficker attack i.e., these computers have …

  • 0
  • 0

Multiple Events Logged only once in the Data Filtering Logs

Overview When a second event is encountered within a minute, the counter will increment, but a new log won't be created. Checking the details of the data filtering log should show the exact count.   To change the behavior and have log entries for each event.  From CLI configuration mode:

nrice,
  • 0
  • 0

CLI Commands to View the Management Interface

This document describes the CLI commands to view management interface information.   To see the Management Interface's IP address, netmask, default gateway settings: admin@anuragFW> show system info hostname: anuragFW ip-address: 10.21.56.125 netmask: 255.255.255.0 default-gateway: 10.21.56.1 ip-assignment: static ipv6-address: unknown ipv6-link-local-address: fe80::20c:0000:0000:0000/64 ipv6-default-gateway: mac-address: 00:0c:29:00:00:00 time: Wed Aug 2 17:45:41 2017

nrice,
  • 0
  • 9

Denying Ping

ICMP is not available in the "Service" column of the security policies. Instead the option is available in the "Application" column. Palo Alto Networks does not recommend blocking ICMP as it is an important networking protocol. It is recommended to only block ping as this affects only echo request packets.

nrice,
  • 0
  • 0

News Flash: Facebook Email is Already in Use!

Must have been a slow news day. Or we have just become accustomed to being inundated with news about Facebook. The point is, Facebook email has existed for sometime. Perhaps not as a standalone service like Gmail, Yahoo Mail, AOL Mail or Hotmail, but it is out there, it is used frequently and heavily. The existing email services should indeed be concerned about their marketshare.

Matt Keil,
  • 0
  • 0

What are Application Dependency Warnings?

Application dependency warnings are messages from the Palo Alto Networks device that can appear post commit. These warnings advise the administrator there is an application configured on a policy that may not function fully because another application (or applications) is needed. For example, if the “facebook-base” application on a policy

swhyte,
  • 0
  • 0

Using Block and Allow Profiles with Custom URL Categories

Symptoms Custom URL categories are used to allow people to browse certain web sites and block all the rest. Two custom URL categories were created, and the other sites were put in a block list (identified by *.*). The result is that the sites that are allowed to access are

nrice,
  • 0
  • 1

Can the MTU be Changed on the Management Interface?

The management interface MTU size is configurable from the web UI: Device > Management > Management Interface Settings > Edit > MTU From the CLI, the MTU can be configured with the following command in configuration mode: # set deviceconfig system mtu <576-1500>    Note: For PAN-OS below 5.0, it

nrice,
  • 0
  • 0

Problem Running User-ID Agent on Windows Server 2008

Issue User Access Control (UAC) is causes problems when installing the User-ID agent with UAC enabled.   Resolution To disable User Access Control: Open Control Panel and enter UAC in the search box. Click the “Turn User Account Control (UAC) on or off” link. On the next screen, uncheck the

swhyte,
  • 0
  • 1

Contrary to Popular Opinion, Webmail is Not Dead!

The rapid expansion of social networking, video chat and micro-blogging has led to some speculation that webmail is dead or dying. Like Mark Twain famously said, “the report of my death was an exaggeration,”  the same holds true for the claimed death of webmail.

Matt Keil,
  • 0
  • 0

A Start-Up That Actually Met Its 'Hockey Stick' Revenue Projection

When pitching venture firms, entrepreneurs typically include a slide that shows revenue curving sharply up and to the right shortly after launch – what’s known as the “hockey stick” – but even the best companies rarely meet those projections.

  • 0
  • 1697

OMG! Facebook Users are Voyeurs!

The latest Application Usage and Risk Report shows that when at work, Facebook users exhibit passive, voyeuristic usage patterns as opposed to a more active game playing or posting usage pattern. This activity pattern indicates that the “productivity loss associated with games or posting” is somewhat overblown. Inbound and outbound security risks DO exist, however, a non-productive employee is just that, non-productive; social networking is just one of the tools used to avoid work.

Matt Keil,
  • 0
  • 0

The Future of Network Security

The Future of Network Security with Nir Zuk.

  • 0
  • 1686

SNMP Trap for Port or Link status

Details Link and/or port monitoring via SNMP is done through the system (sys) logs in the Palo Alto Networks firewall.  A SNMP trap can be sent for all of the sys logs. Since there are sys logs which provide the status of ports/links, SNMP traps can be sent for the

swhyte,
  • 0
  • 0
Displaying 10141 to 10170 of 10861