date 2021-12-31
Prisma Gateway IP conflict

By BChana
 2 days ago

Hi everyone, hope someone can help with this query. We've recently rolled out Global Protect to our users and all is working fine. General feedback, compared to the previous Checkpoint VPN connectivity, has been very positive....

PCI Pal Provides Secure, Compliant Payments For Talkdesk Global Customers

Joint Talkdesk, PCI Pal customer relationships expand to include Air Business, Metabolic Living, Resideo, Scotts, Tucows, and Weekendesk. PCI Pal, the global provider of secure payment solutions, is working closely with Talkdesk, the global customer experience leader for customer-obsessed companies, to provide a growing list of customers with innovative customer service and security capabilities. The companies’ expanding customer list includes Air Business, Metabolic Living, Resideo, Scotts, Tucows, and Weekendesk.
GlobalProtect keeps re-authenticating automatically

We need GlobalProtect setup with DUO via RADIUS and we need the user to have to manually re-auth after 11 hours. We have been struggling to get this to work. Login Lifetime or Cookie Auth Expiration both automatically re-auth the user even when GlobalProtect is set to On-Demand and set to not remember username and password. (The biggest issue with the auto re-auth is random DUO prompts on user devices that they do not expect and eventual lockouts). We have verified SSO is off and have tried with and without authentication cookies.
Aderant, LawPay Integrate Automated Online Payment Platform

Global business management software company Aderant on Wednesday (Dec. 29) announced a partnership with law firm accounts receivable platform LawPay to fully automate and extend payment options for Aderant Expert and Expert Sierra clients, who have been accepting payments via ClientPay. ClientPay collaborated with LawPay in February to form a...
Firewall dropping HTTP only from specific source network

Hello. I've come upon an extremely strange situation that I'm hoping to get some assistance on. I've already opened a case with Palo support, but they seem to be at a loss as well. For one specific internal network, the edge Palo...
One-Click Trial on TYK API Gateway with Tin

The choice of technology architecture is closely related to enterprise strategy, business processes, project effectiveness, etc. It is an important part of the R&D process. The complete technology process includes determining the requirements, filtering within the range of options, finding suitable projects, installing, and experiencing. However, once the requirements are identified, the installation and screening process can also be time-consuming and labor-intensive, which has become a major pain point in technology selection. How to save time, optimize the trial process of open source projects, and improve the efficiency of choosing the technology pattern has become a common issue for many developers.

The traditional way to try an open-source project

Tyk is an open-source API gateway project. Organizations can control access to the gateway and protect the security of enterprises and organizations. To start with, I chose the traditional way, using docker-compose to install it, which requires the Git and Docker environment on the computer.
Log4Shell Compromise Assessment

The Log4Shell vulnerability, also known as Log4j, is a remote code execution vulnerability in Apache log4j 2. Impacted Java-based applications are widely used, making this a high risk vulnerability now and in the future. The Unit 42 Compromise Assessment team is composed of seasoned incident response and threat hunting experts who apply our threat intelligence and real-world investigative observations to customize a Log4Shell Compromise Assessment for your unique environment. Through this assessment, you will:
Not able to access a website via Palo Alto firewall

We are recently receiving multiple cases where the devices behind the PA firewall are not able to access certain websites. In a recent case we had seen for two devices (Device A and Device B in different VLANs) located behind Palo Alto firewall, from device A we are able to access the website but from device B we are not able to access the site.
SSL Decryption and Forward decrypted content to WildFire Query

I have below 2 tasks which need to be closed from PaloAlto Level. Appreciate your quick response. "1. Configure SSL Forward Proxy for all traffic destined to the Internet" As per the Best Practices we have to enable SSL Decryption for Internet Traffic; for that we have to push Certificate to Domain users, but in my case we have separate Proxy for HTTP and HTTPS Traffic which is in DMZ Zone, so we pushed only Proxy certificate to Clients.
Advanced URL License not showing in Panorama?

I recently renewed some licensing on firewalls. The URL Filtering subscription changed to Advanced URL Filtering. On the firewall, under licensing, everything shows fine. In Panorama, for those firewalls, I noticed after doing a refresh, Pano shows them as not having any URL Filtering license. Is anyone seeing something similar?
iotLINKS: A Gateway To Digital Transformation – Mazi Hosseni

Mazi Hosseini is a multi-talented entrepreneur and visionary with a passion for making a difference where it matters most. Having spent over two decades in the design industry and served as an electronic engineer and project lead for multimillion-dollar design & development projects, Mazi has acquired a range and diversity that makes him an authority in his industry.
deactivate VM License question

I have an odd scenario going on where we installed a VM-300 license but did not have the proper resources applied to the VM. When we clicked install on the license the VM then locked up and errored on boot complaining about memory. We fixed the memory allocation issue in ESX (set to 9GB) and the VM booted with no issues and shows the VM-300 license installed fine. BUT it will not let me create any zones above 15. Looks like the license didn't load all the way....
Managing HA Settings of firewall locally instead of managing it from Panorama

We had recently migrated HA firewall to Panorama using the below documentation. Migrate a Firewall HA Pair to Panorama Management: https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/manage-firewalls/transition-a-firewal... As per below documentation once the migration had been completed the HA settings and management IP address...
Script to automate the baseline configuration after initial palo alto deployment

I have prepared the "SET" commands which configure the baseline settings. I am able to run the full set command from CLI. I would like to know any options where I can run these commands from a Linux machine where the system takes the commands from the local script and logs into the palo alto and executes the commands.
Behavioral Alert from Vulnerability Scanner - How to Allow Scans WITHOUT alerts from IP address?

We use an on-site vulnerability scanner that started triggering behavioral alerts on Cortex endpoints on Monday. These scans were disabled since they were very disruptive with some endpoints just reporting the issue and others blocking the scan. All endpoints received the pop-up alerting them to danger. These scans have been running since before we adopted Cortex and I am going to guess that an update from the scanning vendor added a detection for something new that triggers this alert since Palo updates come out on Wednesday. The behavior alert references "heuristic.b.205", but I am not sure where you find out more info about what that means. I can see the IP address in the alert that shows what system (i.e. the vulnerability scanner) initiated the string of events that triggered the alert.
HA Firewall Device Migration/Hardware Swap

Need to replace an HA pair of Panorama managed, currently deployed firewalls (PA-5220s) with a different pair of Panorama managed firewalls (also PA-5220s), with minimum/no downtime; device licensing is different between #1 & #2 pairs, necessitating the swap. Proposed procedure (detailed in attached picture) - Copy Panorama DG/Template for HA...
Panorama template limitations

We had recently migrated HA Firewall pair to Panorama. We had observed that after migration the HA Settings (HA peer IP address, device ID, etc), Management IP address are overridden locally on the firewall. I had gone through a documentation stating the limitation of templates. There it is mentioned as.
Proxy SG to Palo alto policy migration

Is there any automation tool through which we can migrate all our proxy SG policy rule, object and object group to Palo alto. Or else if there is any alternate option then please let me know.

4 REPLIES. 8 hours ago.

Hello, Not sure what SG stands for, however if...
New iLOBleed Rootkit Targeting HP Enterprise Servers with Data Wiping Attacks

A previously unknown rootkit has been found setting its sights on Hewlett-Packard Enterprise's Integrated Lights-Out (iLO) server management technology to carry out in-the-wild attacks that tamper with the firmware modules and completely wipe data off the infected systems. The discovery, which is the first instance of real-world malware in iLO...
Re-Register IP to Tag Push from Panorama to Managed Firewall

I know that Panorama will push registrations of IP to tag to managed firewalls and allow that registration to be passed on to managed firewalls using that tagged object group. Is there a way to force re-push all registered IPs on Panorama to the managed firewalls? This would be in case the local firewalls lose their mappings or are out of sync and miss the registration request to Panorama. Specific case would be where Panorama has the IP to tags registered in a specific group, but the local firewall does not. In my testing, if the local firewall misses that registration request, even if Panorama has all of the correct registrations, the local firewall will be out of sync, and will be missing registrations.
