Thanks for this. I have been using a PA device for years now and never realised that that security profile is applied AFTER the traffic is allowed! how does that work? Also if I want file blocking stuff to work do I have to have SSL decryption in place? many thanks again.
Hi nx u, if you have security policies that denies certain traffic, any security profiles attached to the rule will not be processed. Check out docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/policy/security-profiles. This makes sense as we dont want the firewalls resources being consumed unnecessarily. With regards to file-blocking, yes you will need to decrypt the SSL traffic in order to scan for threats.
Thanks for this. I have been using a PA device for years now and never realised that that security profile is applied AFTER the traffic is allowed! how does that work? Also if I want file blocking stuff to work do I have to have SSL decryption in place? many thanks again.
Hi nx u, if you have security policies that denies certain traffic, any security profiles attached to the rule will not be processed. Check out docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/policy/security-profiles. This makes sense as we dont want the firewalls resources being consumed unnecessarily.
With regards to file-blocking, yes you will need to decrypt the SSL traffic in order to scan for threats.
@@MBTechTalker very grateful for the response. Thanks ever so much.