PaloAlto EDL Hosting Service

If you want to configure rules for Saas services on the PaloAlto Firewall, you can do this using the App ID for the particular service, or you can use the IP addresses, Domains or URLs of the service in the policy.

However, since Saas services typically do not use only one IP address, domain or URL, and since these can change dynamically, it requires a dynamic list that is constantly updated automatically.

PaloAlto offers this service as «EDL hosting service». External Dynamic Lists (EDL) are dynamic lists that can contain a list of IP addresses, domains or URLs. These lists are periodically queried by the firewall and updated accordingly. These EDL lists can then be used in various policies. Due to the automatic update of the lists, they are always up to date. There is also no need to commit the configuration if the list changes.

«PaloAlto EDL Hosting Service» weiterlesen

Palo Alto Firewall Feature: Block Tor Exit nodes with an External Dynamic List (EDL)

With the possibility to include external lists from third parties via the feature «External Dynamic List EDL», this opens up many possibilities to restrict your own security policies even better and to prevent access to the TOR network.

In the following tutorial I will show you how to configure the list of TOR exit nodes, which can be found at https://check.torproject.org/torbulkexitlist as a list of IP addresses.

«Palo Alto Firewall Feature: Block Tor Exit nodes with an External Dynamic List (EDL)» weiterlesen

Re-Certification Policies during COVID19

Because it’s very difficult to take exams at PearsonVUE right now, you may get in trouble regarding the timely recertification of existing certifications. Therefore some vendors have announced an extension for their recertification expiration:

PaloAltoNetworks is extending the certification expiration date by six month for Credential holders with expiration date between March 1, 2020 and July 31, 2020.

Fortinet is extending the certification expiration by one month so far. We assume that this extension will be extended again :-).
Update March 27th: Fortinet will extend the expiry dates of all existing NSE certifications by 6 months as of March 16th 2020 (the date of PV’s test center closures).