Skip to main content

  • ManageEngine

    OpManager: Network & DC Monitoring

    Monitor & Manage Network, Datacenters, endpoints & more.

  • ManageEngine

    Patch Manager Plus

    Patch 750+ applications through one reliable platform

Latest Articles

Palo Alto Networks

Configuring QoS on Palo Alto Firewalls: Class-based Policies, QoS Profiles, Enabling QoS on Firewall Interfaces

Palo Alto Firewalls - Understanding and configuring QoSThis article’s purpose is to help you quickly master Palo Alto QoS concepts and learn to configure QoS on Palo Alto Firewalls in a simple and efficient way. QoS is considered a complicated topic however thanks to Palo Alto’s intuitive firewall GUI interface and our real-scenarios, you’ll quickly grasp all necessary QoS basics and be ready to implement your own QoS policies!

You’ll learn basic QoS terms such as Ingress and Egress traffic, Differentiated Service Code Point (DSCP), Traffic Policing, Traffic Shaping, Palo Alto QoS Classes, Palo Alto QoS Policies, how to build Palo Alto QoS policies, how to configure Palo Alto QoS Classes and finally how to enable and monitor QoS on Palo Alto firewall interfaces (both standalone & AE Aggregate interfaces), view QoS bandwidth graphs and more!

Key Topics:

Find more great articles by visiting our Palo Alto Firewall Section.

Introduction to Palo Alto QoS

QoS was born from the IEEE group during 1995-1998 by establishing the standard IEEE 802.1P. The main purpose of QoS is to prioritise desired traffic over other type of traffic or to limit the amount of bandwidth applications can consume, by utilizing different mechanisms. This ensures network performance, avoids bottlenecks, congestion or overutilization of network links. A frequently used example of QoS is the prioritising Real-time traffic e.g voice or video, over other type of traffic:

Palo Alto Firewall - QoS Priority Queues & Packet PrioritizationQoS Priority Queues - Packet classification and prioritization

In the example above, voice packets (blue) are given a higher priority against others, therefore immediately being forwarded by the firewall out via the output interface. Since voice packets are very sensitive to delay, they are usually handled with priority to avoid issues in a real-time voice streams e.g VoIP telephone call between two endpoints.

Overview of QoS Configuration on Palo Alto Firewalls

ManageEngine Firewall Analyzer

Dealing with Security Audit Challenges: Discovering vulnerabilities, unauthorized access, optimize network security & reporting

manageengine firewall analyzer - dealing with security audit challengesThe utilization of log analyzers, such as Firewall Analyzer, in network infrastructure plays a pivotal role in enhancing cybersecurity and fortifying the overall security posture of an organization. Security audits, facilitated by log analyzers, serve as a critical mechanism for systematically reviewing and analyzing recorded events within the network.

This proactive approach enables the identification of potential security risks, unauthorized access attempts, and abnormal activities that might signify a breach. The log analyzer sifts through vast amounts of data & logs, providing insights into patterns and anomalies that might go unnoticed otherwise.

By uncovering vulnerabilities and irregularities, organizations can take timely corrective actions, preventing potential security breaches. Moreover, the information gleaned from these audits is instrumental in formulating a comprehensive security strategy that extends across the entire network infrastructure.

ManageEngine Firewall Analyzer dashboard
ManageEngine Firewall Analyzer dashboard (click to enlarge)

This strategic approach ensures a holistic defense against cyber threats, fostering a resilient and adaptive cybersecurity framework that aligns with the evolving landscape of security challenges.

This article will delve into the concept of security audits and how a product like Firewall Analyzer can streamline this crucial procedure.

Key Topics:

Download your copy of ManageEngine's popular Firewall Analyzer here.

Security Audits Explained

Palo Alto Networks

How to Manually Download, Import & Install PAN-OS on Palo Alto Firewalls via CLI & Web GUI interface

Palo Alto PAN-OS Manual update - upload - upgradeThis article provides comprehensive guidance on the manual processes involved in downloading, uploading, and installing (import) any PAN-OS version on a Palo Alto Firewall. It details the steps for searching and downloading the desired PAN-OS version, as well as the supported methods for uploading the software to your Palo Alto Firewall, including Web, TFTP, and SCP. Additionally, the article offers valuable tips aimed at facilitating a smooth and successful upgrade process.

The necessity for a manual upgrade of a Palo Alto firewall arises in instances where the system operates within an isolated environment employing air-gap architecture and lacks direct internet access. This requirement is further applicable in scenarios where the firewall is devoid of valid licenses, remains unregistered, or serves as a replacement unit as exemplified in a Return Merchandise Authorization (RMA) context.

Whether performing upgrades manually or automatically, it is crucial to consider the same upgrade path rules outlined in our article Complete guide to upgrading Palo Alto firewalls. Individuals unfamiliar with these rules are strongly encouraged to review the article before initiating any PAN-OS upgrade.

Key Topics:

Explore our dedicated Palo Alto section to access a collection of high-quality technical articles.

Downloading PAN-OS Software

Begin by downloading the needed software from the Palo Alto Networks support page. Make sure you have a valid support contract.

Once logged in, select Updates on the left pane, followed by Software Updates from the right pane:

Windows Servers

Deploying Active Directory & DNS Services on Windows Server 2022 & Elevating it to Domain Controller Role

intro windows server 2022 ad dnsThis article provides a comprehensive guide to deploying Active Directory and DNS Services on Windows Server 2022, encompassing the Essential, Standard, and Datacenter editions. Our guide also includes step-by-step instructions for promoting the Windows server to a Domain Controller (DC). To enhance user experience, we've included plenty of helpful screenshots, ensuring a smooth and uncomplicated installation process.

 

Key Topics

Explore our dedicated section on Windows Servers for a rich collection of articles providing in-depth coverage and insights into various aspects of Windows Server functionality.

Installation of Active Directory and DNS Services

To begin, in Server Manager, select Dashboard from the left pane, then Add roles and features from the right pane:

Your IP address:

3.230.128.106

FREE Hyper-V & VMware Backup

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any
WEP, WPA, WPA2 Key!

Network and Server Monitoring

Network and Server Monitoring

Follow Firewall.cx

Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Decrypt Now!

Bandwidth Monitor

Bandwidth Monitor

Free PatchManager

Free PatchManager

EventLog Analyzer

ManageEngine Eventlog Analyzer

Firewall Analyzer

zoho firewall analyzer


Featured Categories:


Top Picks:

ManageEngine Firewall Analyzer

Ensuring Compliance and Business Continuity in ...

In the wake of digital transformation, the work landscape as we know it has undergone a dynamic shift. People can now work from home, from the office, or anywhere with a stable internet connection....
Virtualization & VM Backup

Understanding Deduplication. Complete Guide to ...

When considering your VM backup solution, key features such as deduplication are incredibly important. This is not simply from a cost perspective but also an operational one. While is it true that ...
Palo Alto Networks

Palo Alto Firewall Configuration Options. Tap M...

Our previous article explained how Palo Alto Firewalls make use of Security Zones to process and enforce security policies. This article will explain the different configuration options for physica...
OpManager - Network Monitoring & Management

Free Webinar: Clients' network configuration an...

Defending your client's network from faulty configuration changes, poor compliance, and bringing the network back quickly from downtime can be challenging. It requires a lot of effort and time, a f...

SASE & SD-WAN Networks

The Need for a Converged SASE Platform. Converging Network & Security Services with Catonetworks SASE Platform

The digital transformation is pushing applications to the cloud, the 2020-2022 pandemic shifted employees to work from home, and the number of resu...
SASE & SD-WAN Networks

Key Features of a True Cloud-Native SASE Service. Setting the Right Expectations

Secure Access Service Edge (SASE) is an architecture widely regarded as the future of enterprise networking and security. In previous articles we t...
Security Service Edge (SSE)

Security Service Edge (SSE) Limitations & Disadvantages. Protecting all Traffic, Users, Apps, and Services with 360-degree SSE

This article explores the Security Service Edge (SSE) portion of Secure Access Service Edge (SASE) and the need for holistic cybersecurity protecti...
SASE & SD-WAN Networks

Converged SASE Backbone – How Leading SASE Provider, Cato Networks, Reduced Jitter/Latency and Packet Loss by a Factor of 13!

Global connectivity is top of mind for many IT teams at organizations of all sizes. We are currently in the middle of a dramatic shift in business ...

VLAN Networks

The VLAN Concept - Introduction to VLANs

We hear about them everywhere, vendors around the world are constantly trying to push them into every type of network and as a result, the Local Ar...
VLAN Networks

VTP Protocol - In-Depth Analysis

The previous article introduced the VTP protocol, we examined how it can be used within a network, to help manage VLANs and ease the administrative...
VLAN Networks

VLAN Security - Making the Most of VLANs

It's easy to see why virtual LANs have become extremely popular on networks of all sizes. In practical terms, multiple VLANs are pretty much the sa...
VLAN Networks

Dynamic VLANs

Dynamic VLANs were introduced to grant the flexibility and complexity(!) that Static VLANs did not provide. Dynamic VLANs are quite rare because of...

Routing

OSPF - Part 3: OSPF Adjacency & Neighbor Forming Process. OSPF Hello Messages, OSPF Database Updates via Link State Requests (LSR & LSU)

This is the thrid article of our 6-part OSPF series (see below) that describes how OSPF routers perform neighbor relationship and adjacency. We’ll ...
Routing

Distance Vector Routing Protocols

Distance Vector routing protocols use frequent broadcasts (255.255.255.255 or FF:FF:FF:FF) of their entire routing table every 30 sec. on all their...
Routing

OSPF - Part 5: Analysis of OSPF Link State Update (LSU) - Link State Advertisement (LSA) Packet Structure. Common LSA Types

This article explains how OSPF uses Link State Advertisement (LSA) to exchange information about the network topology between routers. When a route...
Routing

OSPF - Part 4: OSPF Neighbor States – OSPF Neighbor Forming Process

This is the third article of our OSPF series which analyzes the different OSPF States routers go through during the OSPF discovery and neighbor for...

Cisco Switches

Spanning Tree BPDU Guard and Errdisable Interface Automatic Recovery

Running Spanning Tree Protocol (STP) in a large network environment can be a challenging task especially when features/enhancements such as BPDU Fi...
Cisco Switches

Password Recovery / Password Reset Procedure for Catalyst 3750-X & 3560-X Switches - Single or Stack Member Configuration

This article shows how to reset a password on a Cisco Catalyst 3750-X (stacked or single unit) and Cisco Catalyst 3560-x switch without losing its ...
Cisco Routers

Cisco 880W (881W, 886W, 887W, 888W) Multiple - Dual SSID Integrated Access Point Configuration

This article shows how to configure the embedded or integrated access point in a Cisco 880W series router (e.g Cisco 887W, Cisco 886W, Cisco 881W, ...
Cisco Routers

Resolving Cisco Router/Switch Tftp Problems: Source IP Address - The 'IP TFTP Source-Interface' Command

When working with Cisco equipment that has multiple ip interfaces, a common problem engineers are faced with is trying to successfully tftp to or f...