In a recent post for ReadWriteWeb (3 Ways Social Media Can Put Enterprises at Risk), I outlined a few IT security “blind spots” that many companies are currently trying to address when dealing with social media applications. As last week’s blog post on our Application Usage and Risk Report findings pointed out, I am convinced that social media is here to stay in the enterprise. To expand upon the points I made in that article, I’d like to add a few additional details to expound on my opinions around approaching …
This document shows how to deploy Palo Alto Networks devices into your network. Various scenarios and configurations are described. All scenarios were tested in the field running PANOS 5.0.x code. To download the diagrams and tested configurations, refer to Diagrams and Tested Configurations.
I feel sorry for security IT admins these days. The enterprise network used to be relatively easy to protect; crunchy on the outside, chewy and soft in the middle. Protect the perimeters, and you were safe. Now that boundaries have disappeared, threats have evolved, and BYOD (Bring Your Own Device) has become a reality, where should enterprises focus their security efforts? I say the data center. Of course I subscribe to the notion of defense-in-depth, but if there is one place security should never be neglected, it’s where all your …
Overview The User Activity Report contains information related to user activities. The report contains four sections displaying data from different log databases: Application Usage (Traffic summary database) Browsing Summary by Category (Traffic summary database) Browsing Summary by Website (URL database) Detailed Web Browsing Activity (URL database) The first two report
Issue Secondary device in a High Availability Active/Active pair is showing a non-functional status. Resolution Make sure the device IDs on the two devices are not the same. Change the ID on the Primary device to 0 and the secondary device to 1. This is done so the two devices
Issue In an environment with dual HA clusters (active/passive), connected through the same subnet to each each other, the ARP tables for the upstream routers display the same MAC for the different cluster IP addresses. Traffic is not passing through the LAN. Resolution The Group ID is part of the
Issue When trying to remove the IP address from the management interface the following error is received: commit failed * Config commit phase 1 aborted(Module: device) * (pan_dnsproxyd_parse_instance(mgmt-obj) failed * (Module: dnsproxyd) * Commit failed Resolution The management interface of the Palo Alto Networks firewall must have an IP address
Issue: When creating shared policies in Panorama,how are the target devices chosen and policies applied to selective machines? Resolution: The security policy is in the context of the Device Group on Panorma. In the current version of Panorama, target devices can only be selected if they t
This document describes the best practices for using Panorama for central security policy management. Panorama can provide a central repository to create and push security policies to multiple firewalls and virtual systems. This provides better efficiency and allows for larger scale firewall deployments. This also helps ensure a consistent policy
I confess. I am a social media fanatic. I have even been called other words – ones rather unsuitable for this blog. But I love social media; I love how it gives me the ability to stay connected and keep up to date – both personally and professionally. So you can imagine how excited I was to see the shift in usage patterns from simply browsing to more active uses such as applications, posting, and social plugins. I wasn’t alone… There were many more fanatics like me! And based on …
This article is outdated and is replaced by: https://live.paloaltonetworks.com/t5/Featured-Articles/Getting-Started-Packet-Capture/ta-p/72069 The purpose of this document is provide background information on PAN-OS Packet Filtering, Capture and Debug Log functionality as well as recommended workflow when using those features in problem diagnostics. The commands covered in this document is applicable to all
Service providers and enterprises that deliver revenue-generating and business critical services over the Internet face a myriad of performance and security challenges. However critical those challenges may be, high availability remains the paramount concern. In order to properly perform access control functions, a network firewall must be placed at the
While our resident research analyst and long-standing author of the Palo Alto Networks Application Usage and Risk Report, Matt Keil, is out speaking at one of our European User Group Conferences this week, I was asked to provide an overview of country-specific findings based on our latest research. What was the one defining similarity among employees’ use of applications in the workplace across the 19 different countries/regions we analyzed? A love for social networking applications. Our data underscores how active employees are on social networks and that it’s not all …
Two signatures exist for data filtering: Credit Card: the device will look for 16 digit numbers and will run thru a hash algorithm. It must match the hash algorithm before detecting this as a Credit Card number. This method has less false positive. Social Security Number: is detected as any
Overview For max-packet-rate, the unit is kilobytes per second: set deviceconfig setting logging max-packet-rate 250 For max-log-rate, the unit is counts per second: set deviceconfig setting logging max-log-rate 250 The current values can be checked with the show system setting logging command. For example: > show system setting logging Max.
There is explosive growth in global social networking and browser-based file sharing on corporate networks, with a 300 percent increase in active social networking (e.g., posting, applications) compared with activity during the same period in the latter half of 2010, according to research published by Palo Alto Networks.