Date

By Source

By Technology

By Services

By Audience

Displaying 10351 to 10380 of 11088

Summary of User-ID Agent to Firewall Communication

Though the communication is constant, there is very little bandwidth used for the traffic between the Palo Alto Networks firewall and the User-ID Agent or PAN-Agent.  The summary below indicates the frequency of various queries: Every 2 seconds Get new user/IP mapping from the agent. Used to retrieve new user/IP

nrice,
  • 0
  • 1

Marketecture vs. Momentum

Cisco’s news at this years RSA Conference is the unveiling of SecureX. Cisco itself describes this next generation security architecture as “complicated” in that it includes new scanning elements, policy language and enforcement capabilities (endpoint control, presumably), all aimed at improving security in a broader range of contexts. While Cisco admits these context-aware scanning elements are “completely independent of the architecture”, the company is only talking about embedding them into its line of ASA firewalls. Is that a round-about way of answering enterprises’ call for a next-generation firewall?

Nir Zuk,
  • 0
  • 0

Using Active Directory GPO to Install the GlobalProtect Client

AD Group Policy Overview   Active Directory Group Policy allows you to manage your network from on high, governing how your users and computers operate within your AD environment. Policy settings can be created to target the logged-in user or the computer, and a variety of settings that can be

nrice,
  • 0
  • 1

Tips for Configuring a Juniper SRX IPSEC VPN Tunnel to a Palo Alto Networks Firewall

Overview This document is intented to give simple tips to help in configuring a Juniper to Palo Alto Networks VPN. In this sample configuration, a Juniper SRX firewall is using a route-based VPN configuration terminating at a Palo Alto Networks firewall. Tips IPSEC Proxy IDs The VPN will come up

nrice,
  • 0
  • 3

Palo Alto Extends Reach through OEM Partners

Palo Alto Networks is a brash security vendor that believes its playing the role of disruptor in the staid security market with its high-performance, multifunction firewalls. Competitors have dismissed the upstart as having little room to expand features and functionality beyond its core value proposition. The answer: Take on complementary partners that round out the features and functionality of a firewall.

  • 0
  • 1768

Palo Alto Networks TCP Settings and Counters

Palo Alto Networks Next-Generation Firewalls have several security features built in to prevent various types of hacking attempts. When detected, these packets are dropped by default and are not logged in traffic or threat logs. Viewing Global Counters Global counters indicate when traffic has been dropped by these security features.

nrice,
  • 0
  • 1

Palo Alto Networks Credited with Discovering Three Microsoft Office Vulnerabilities Included in February Microsoft Security Bulletin

Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution

  • 1
  • 259

Palo Alto Networks Introduces Its Technology Partner Program

The Industry's Leading Technology Innovators Collaborate to Deliver Enterprises Integrated Network Security and Risk Management Solutions

  • 0
  • 463

How to Migrate from NetScreen/Juniper Services for Security Policies

PAN-OS has two predefined services, service-http and service-https. To migrate from NetScreen/Juniper's security policies using their predefined service easily, run (copy & paste) the following commands in CLI configuration mode and use it in security policy configuration. Note: Some service names are not exactly the same as the one used

kmiwa,
  • 0
  • 0

What’s APPening with Location-based services

Last Friday was the annual Data Privacy Day, held to raise awareness about data privacy issues among consumers, organizations, and government. A key piece of online data is information about a user’s location. While location information has enabled the delivery of interesting services, it has also raised security concerns. Social media applications allow users to share their location with friends and businesses that provide value-added services. But at the same time, they expose users to serious security issues such as the ones on PleaseRobMe.com and ICanStalkYou.com. Recently, concerns were raised by …

  • 0
  • 0

How to Back up Panorama

Overview Panorama saves a backup of every committed configuration from each device it manages. In addition, Panorama saves copies of its own committed configurations. To facilitate off-box backup requirements, the system supports a method to regularly export these backups to an external data store. This document describes the steps to

nrice,
  • 0
  • 2

Facebook Goes HTTPS

This week, Facebook announced HTTPS support for all communication between its servers and end users’ web browsers.  This is the right thing for Facebook to do in light of recent proof that session hijacking of Web 2.0 applications is both easy and increasingly common with tools like Firesheep.  While HTTPS is not yet on by default (users have to specify HTTPS in the Facebook URL), that is the stated intention.  Note that Gmail went to default HTTPS a year ago. Both of these moves highlight an important trend – applications …

Palo Alto Networks,
  • 0
  • 0

Personal Digital Content Access Anywhere and Everywhere

In our content updates over the last two weeks, we included App-IDs for 8 new applications – 3 of which are very interesting to me, as evidence for the continued movement towards browser-based filesharing, and another as proof of the increasingly common user expectation that personal digital content should be available everywhere – including at the office.

Palo Alto Networks,
  • 0
  • 0

How to Advertise Interface via OSPF Without Creating a Neighborship

Set the interface in the applicable OSPF Area and check the box marked Passive. Routing updates will be accepted but not sent and no adjacencies will be formed. If an interface is edited and changed to passive mode, all existing adjacencies will be dropped. owner: panagent

nrice,
  • 0
  • 1

Applications Scanned for Viruses

Overview The Palo Alto Networks device supports anit-virus scanning for the following applications: ftp http https: (if SSL decrypt is enabled) imap pop3 smb SMBv2 Note: file blocking is also supported for SMBv2. However, there is a limitation when multiple files are sent at the same time. Because SMBv2 sends

nrice,
  • 0
  • 0

Firewall rules management fine-tunes operations

Organizations have been building security into their business infrastructure to avoid incurring additional acquisition and operational costs from standalone security products.

  • 0
  • 1952

Social media messaging is getting around traditional firewalls

Is the firewall obsolete? Probably not, but current implementations were never designed to cope with the threats posed by Webmail, various social networking tools, and even popular corporate collaboration applications like SharePoint and WebEx.

  • 0
  • 1746

Configuring Administrator Authentication with Windows 2008 RADIUS Server (NPS/IAS)

Overview This document describes the steps to configure admin authentication with a Windows 2008 RADIUS server. The prerequisites for this configuration are: L3 connectivity from the management interface or service route of the device to the RADIUS server. A Windows 2008 server that can validate domain accounts. Steps Part 1:

nrice,
  • 0
  • 1

Panorama document - Japanese

This document is written in Japanese. Panoramaのインストール、設定方法を記述したホワイトペーパーです。 [PanoramaのFAQ] Q: PanoramaのライセンスはVSYS数に関係しますか? A: いいえ。Panoramaのライセンスは物理筐体にのみ関係します。 たとえば 25 devices ライセンスの場合、VSYSを125個持つPA-4050 を25台管理することも可能です。 Q: バージョン3.1ではVMwareのパーティション上限により2TBまで しかログを保存できないという制限があります。過去のログを残す にはどうすればよいでしょう? A: 以下の方法があります。 1. CLIのscp export log [ data | traffic | threat | url ] コマンドを使うとcsv形式 でログをエクスポートできます。 2. Syslogサーバを設定してLog Forwardingオブジェクトを生成し、セキュ リティポリシーのOptionで指定します。(PANデバイスから直接Syslog サーバへログ転送する場合と同じ) 3. scp export logdbコマンドを使うとすべてのログをscpサーバへエクスポート します。エクスポートされたバイナリファイルは scp import

kmiwa,
  • 0
  • 0

Network Security Check-Up for Health Care Networks

Health care providers are an interesting situation with regard to network security. Like many industries, they’re dealing with rapid technological change in the face of a variety of regulations – in the U.S. health care industry it’s HIPAA and HITECH, and PCI – focused on the portability, security and privacy of PHI and the security of patients’ credit card data, respectively.

  • 0
  • 1865

Network Security Check-Up for Health Care Networks

Health care providers are an interesting situation with regard to network security.  Like many industries, they’re dealing with rapid technological change in the face of a variety of regulations – in the U.S. health care industry it’s HIPAA and HITECH, and PCI – focused on the portability, security and privacy of PHI and the security of patients’ credit card data, respectively. At the same time, their users are adopting many of the same high-risk, high-reward applications that users in other industries are adopting.  The problem, as in most industries, is …

Palo Alto Networks,
  • 0
  • 0

NAT-Traversal in an IPSEC Gateway

Details NAT traversal is required when address translation is performed after encryption. With this option enabled, the firewall will encapsulate IPSEC traffic in UDP packets allowing the next device over to apply address translation to the UDP packet's IP headers. Note: Encapsulating IPSEC in UDP is likely to require an

nrice,
  • 0
  • 0

Palo Alto Networks Credited with Discovering Two Important Microsoft Office Vulnerabilities Included in December Microsoft Security Bulletin

Microsoft Credits Next-Generation Firewall Provider with Identifying Five Vulnerabilities in 2010

San Jose, Calif.
  • 0
  • 239

What’s APPening with FASP

A big shortcoming of traditional file transfer protocols such as FTP or HTTP has been the impact on throughput that results from TCP’s aggressive congestion control mechanism; especially when transferring large data files over wide area networks. Aspera’s FASP is an application layer protocol that is among the many alternatives that have been designed to address this issue. It uses UDP instead of TCP as the underlying transport layer and leverages the fact that bulk file transfer does not require in-order delivery of byte streams. 

  • 0
  • 1

Palo Alto Networks Named "Best Solution" for 2010 By the Government Technology Research Alliance

Palo Alto Networks recognized for excellence by government technology sector

San Jose, Calif.
  • 0
  • 247

AVR guide - Japanese

[This document is written in Japanese] AVR (Application Visibility and Risk Report) バージョン2.0のドキュメント集です。 (2.0から日本語に対応しました。) AVRはプリセールス活動で使うツールで、貸出機を見込み顧客のサイトにTAPモード等で 設置することでゲートウェイを流れるトラフィックを収集し、どのような通信傾向にある か、危険な通信はないか、といったレポートを作成します。 AVRを作成してお客様に説明することで、受注確度を高めます。 【ドキュメントの種類】 AVR_Reporting_tool_user_guide_JP.pdf: AVRの生成ツールのユーザガイド Generating an AVR Reportv2_JP.pdf: AVRの販社教育用プレゼンテーション AVR_JP_example.pdf: 日本語のAVRサンプル owner: kmiwa

kmiwa,
  • 0
  • 0

Which is Riskier: Consumer Devices or the Applications In Use?

A somewhat rhetorical question really. Much like which came first, the chicken or the egg. In his ThreatPost article, George Hulme highlights the challenges and risks associated with allowing consumer-owned devices (phones, laptops, netbooks, tablets) onto corporate networks.

Matt Keil,
  • 0
  • 0

Palo Alto Networks Initiates Search for Top Executive

Rapid growth and established leadership in next generation network security market results in company leadership transition

San Jose, Calif.
  • 0
  • 269

How to Configure U-Turn NAT

Overview “U-turn” refers to the logical path traffic appears to travel when accessing an internal resource when the external address are resolved. U-turn NAT refers to a network where internal users need to access an internal server using the server’s external public IP address.     Details For this example,

nrice,
  • 0
  • 1

The new Facebook threat to business

The Boy Billionaire, aka Facebook CEO Mark Zuckerberg, has done it again. His proposal to turn Facebook messaging into a sort of universal communications platform is probably the worst idea of the year. It's bad for the privacy of users and for corporate IT, which will have to deal with a huge spike in hard-to-defend Webmail.

  • 0
  • 1721
Displaying 10351 to 10380 of 11088