Customers have to get the trust with NGN Firewalls, so we have to present it somehow without interfering the production traffic. We can do this during a POC (Proof of concept) by integrating it in the network just like we implemented an IDS in the past. The purpose is to present in reports what the […]
November 15, 2018
I can only quote now since I am a bit tired: “MineMeld is a threat intelligence processing tool that extracts indicators from various sources and compiles the indicators into multiple formats compatible with AutoFocus, the Palo Alto Networks® next-generation firewall, and other security and information event management (SIEM) platforms.” Here are some more details: minemeld […]
November 13, 2018
Still we cannot find any freely available usefull IKE State Monitoring for our VPN Tunnels in 2018…thats bad. That’s why I have grabbed my laptop for a couple of sleepless nights and created from TIG Stack and Maxmind Geolite Free and with Python an IKE State Monitoring Tool. See the building blocks for that service […]
April 19, 2017
The following Application is a nice tool that was built to automate report generation and to make monthly or weekly report analisys where you can find the changes in the firewall events between months or weeks. The Palo Alto Firewall has a great built-in Reporting Service that can generate any kind of custom reports within […]
April 11, 2017
On a network device sometimes we have to collect outputs of multiple commands that contains a counter within its output. To get a state from those counters in outputs we must issue the commands that generates the output multiple times and we should realise if a specific counter value increasing quickly or slowly or does […]
October 25, 2016
yED is an alternative software for those engineers who are working with linux and dont like microsoft visio and want make network topologies faster and simplier for free :-) There is a lot of features like automatic layout and easy data import and so on it realy intuitive when you use it. One of the […]
October 25, 2016
The App sophos-live-protection and the Palo Alto dns-proxy Affair As I first met with this problem I just thought its my first vulnerability that I have found :-), but it wasnt! It was the administrator who forgot to go to a palo alto school before touching a palo alto firewall. :-) The firewall I configured […]
October 25, 2016
Set proxy only at login and unset at logout On some Linux Servers I must reach to the Internet through web proxy with user credentials and i dont have a so called service user everytime. Generally I must set the wget and apt-get and the system wide proxy everytime I login and delete before logout. […]
January 17, 2015
1. What is the difference between machine digital certificate and user certificate? 1.1 Answer Microsoft Windows specifically: ” Local machine certificate store This type of certificate store is local to the computer and is global to all users on the computer. This certificate store is located in the registry under the HKEY_LOCAL_MACHINE root. Current user […]
January 14, 2015
This is the part 2 of the troubleshooting commands that can help you better understand what and how you can troubleshoot on Palo Alto Next Generation Firewall in cli. The Part 1. can be found here. 1. Capture and logging specific traffic 2. Logging traffic for global counters 3. Updates 3.1 Applications and Threats update […]
March 31, 2021
0