Skip to main content

  • ManageEngine

    OpManager: Network & DC Monitoring

    Monitor & Manage Network, Datacenters, endpoints & more.

  • ManageEngine

    Patch Manager Plus

    Patch 750+ applications through one reliable platform

Latest Articles

Palo Alto Networks

Configuring QoS on Palo Alto Firewalls: Class-based Policies, QoS Profiles, Enabling QoS on Firewall Interfaces

Palo Alto Firewalls - Understanding and configuring QoSThis article’s purpose is to help you quickly master Palo Alto QoS concepts and learn to configure QoS on Palo Alto Firewalls in a simple and efficient way. QoS is considered a complicated topic however thanks to Palo Alto’s intuitive firewall GUI interface and our real-scenarios, you’ll quickly grasp all necessary QoS basics and be ready to implement your own QoS policies!

You’ll learn basic QoS terms such as Ingress and Egress traffic, Differentiated Service Code Point (DSCP), Traffic Policing, Traffic Shaping, Palo Alto QoS Classes, Palo Alto QoS Policies, how to build Palo Alto QoS policies, how to configure Palo Alto QoS Classes and finally how to enable and monitor QoS on Palo Alto firewall interfaces (both standalone & AE Aggregate interfaces), view QoS bandwidth graphs and more!

Key Topics:

Find more great articles by visiting our Palo Alto Firewall Section.

Introduction to Palo Alto QoS

QoS was born from the IEEE group during 1995-1998 by establishing the standard IEEE 802.1P. The main purpose of QoS is to prioritise desired traffic over other type of traffic or to limit the amount of bandwidth applications can consume, by utilizing different mechanisms. This ensures network performance, avoids bottlenecks, congestion or overutilization of network links. A frequently used example of QoS is the prioritising Real-time traffic e.g voice or video, over other type of traffic:

Palo Alto Firewall - QoS Priority Queues & Packet PrioritizationQoS Priority Queues - Packet classification and prioritization

In the example above, voice packets (blue) are given a higher priority against others, therefore immediately being forwarded by the firewall out via the output interface. Since voice packets are very sensitive to delay, they are usually handled with priority to avoid issues in a real-time voice streams e.g VoIP telephone call between two endpoints.

Overview of QoS Configuration on Palo Alto Firewalls

ManageEngine Firewall Analyzer

Dealing with Security Audit Challenges: Discovering vulnerabilities, unauthorized access, optimize network security & reporting

manageengine firewall analyzer - dealing with security audit challengesThe utilization of log analyzers, such as Firewall Analyzer, in network infrastructure plays a pivotal role in enhancing cybersecurity and fortifying the overall security posture of an organization. Security audits, facilitated by log analyzers, serve as a critical mechanism for systematically reviewing and analyzing recorded events within the network.

This proactive approach enables the identification of potential security risks, unauthorized access attempts, and abnormal activities that might signify a breach. The log analyzer sifts through vast amounts of data & logs, providing insights into patterns and anomalies that might go unnoticed otherwise.

By uncovering vulnerabilities and irregularities, organizations can take timely corrective actions, preventing potential security breaches. Moreover, the information gleaned from these audits is instrumental in formulating a comprehensive security strategy that extends across the entire network infrastructure.

ManageEngine Firewall Analyzer dashboard
ManageEngine Firewall Analyzer dashboard (click to enlarge)

This strategic approach ensures a holistic defense against cyber threats, fostering a resilient and adaptive cybersecurity framework that aligns with the evolving landscape of security challenges.

This article will delve into the concept of security audits and how a product like Firewall Analyzer can streamline this crucial procedure.

Key Topics:

Download your copy of ManageEngine's popular Firewall Analyzer here.

Security Audits Explained

Palo Alto Networks

How to Manually Download, Import & Install PAN-OS on Palo Alto Firewalls via CLI & Web GUI interface

Palo Alto PAN-OS Manual update - upload - upgradeThis article provides comprehensive guidance on the manual processes involved in downloading, uploading, and installing (import) any PAN-OS version on a Palo Alto Firewall. It details the steps for searching and downloading the desired PAN-OS version, as well as the supported methods for uploading the software to your Palo Alto Firewall, including Web, TFTP, and SCP. Additionally, the article offers valuable tips aimed at facilitating a smooth and successful upgrade process.

The necessity for a manual upgrade of a Palo Alto firewall arises in instances where the system operates within an isolated environment employing air-gap architecture and lacks direct internet access. This requirement is further applicable in scenarios where the firewall is devoid of valid licenses, remains unregistered, or serves as a replacement unit as exemplified in a Return Merchandise Authorization (RMA) context.

Whether performing upgrades manually or automatically, it is crucial to consider the same upgrade path rules outlined in our article Complete guide to upgrading Palo Alto firewalls. Individuals unfamiliar with these rules are strongly encouraged to review the article before initiating any PAN-OS upgrade.

Key Topics:

Explore our dedicated Palo Alto section to access a collection of high-quality technical articles.

Downloading PAN-OS Software

Begin by downloading the needed software from the Palo Alto Networks support page. Make sure you have a valid support contract.

Once logged in, select Updates on the left pane, followed by Software Updates from the right pane:

Windows Servers

Deploying Active Directory & DNS Services on Windows Server 2022 & Elevating it to Domain Controller Role

intro windows server 2022 ad dnsThis article provides a comprehensive guide to deploying Active Directory and DNS Services on Windows Server 2022, encompassing the Essential, Standard, and Datacenter editions. Our guide also includes step-by-step instructions for promoting the Windows server to a Domain Controller (DC). To enhance user experience, we've included plenty of helpful screenshots, ensuring a smooth and uncomplicated installation process.

 

Key Topics

Explore our dedicated section on Windows Servers for a rich collection of articles providing in-depth coverage and insights into various aspects of Windows Server functionality.

Installation of Active Directory and DNS Services

To begin, in Server Manager, select Dashboard from the left pane, then Add roles and features from the right pane:

Your IP address:

18.208.203.36

FREE Hyper-V & VMware Backup

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any
WEP, WPA, WPA2 Key!

Network and Server Monitoring

Network and Server Monitoring

Follow Firewall.cx

Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Decrypt Now!

Bandwidth Monitor

Bandwidth Monitor

Free PatchManager

Free PatchManager

EventLog Analyzer

ManageEngine Eventlog Analyzer

Firewall Analyzer

zoho firewall analyzer


Featured Categories:


Top Picks:

Palo Alto Networks

How to Register a Palo Alto Firewall and Activa...

This article explains how to register and activate your Palo Alto Firewall Appliance to obtain technical support, RMA hardware replacement, product updates, antivirus updates, wildfire, antispam up...
OpManager - Network Monitoring & Management

Ensuring Enterprise Network Readiness for Mobil...

Demands for Enterprise networks to properly support mobile users is on a continuous rise making it more than ever necessary for IT departments to provide high-quality services to its users. This ar...
OpManager - Network Monitoring & Management

Free Webinar - Dealing with Remote VPN Challeng...

With a lot of enterprises switching to a work-from-home model, it is critical for admins to have a strategy in place to avoid poor performance and ensure secure access. This webinar will help you u...
Palo Alto Networks

Complete Guide: Configuring IPSec VPN between P...

This article will show you how to configure an IPSec VPN tunnel between a Palo Alto firewall (all PANOS versions) and Meraki MX security appliance. Our comprehensive guide includes IPSec VPN setup ...

SASE & SD-WAN Networks

Configuring A SASE Unified Network: Data centers, Remote Sites, VPN Users, and more

This article explores the need for Secure Access Service Edge (SASE) in today’s organizations. We show how one of the most advanced SASE platforms ...
SASE & SD-WAN Networks

Complete Guide to SD-WAN. Technology Benefits, SD-WAN Security, Management, Mobility, VPNs, Architecture & Comparison with Traditional WANs. SD-WAN Providers Feature Checklist.

SD-WAN is the answer for enterprises and organizations seeking to consolidate network functions and services while at the same time simplify their ...
SASE & SD-WAN Networks

MPLS vs. SD-WAN vs. Internet vs. Cloud Network. Connectivity, Optimization and Security Options for the ‘Next Generation WAN’

The Wide Area Network (WAN) is the backbone of the business. It ties together the remote locations, headquarters and data centers into an integrate...
SASE & SD-WAN Networks

WAN Optimization vs SD WAN Networks. Today’s Challenges & Difficulties for WAN Optimization

Enterprises have been successfully running WAN optimization appliances at their many distributed sites for years. The devices have done a good job ...

VLAN Networks

VLAN Security - Making the Most of VLANs

It's easy to see why virtual LANs have become extremely popular on networks of all sizes. In practical terms, multiple VLANs are pretty much the sa...
VLAN Networks

Static VLANs

VLANs are usually created by the network administrator, assigning each port of every switch to a VLAN. Depending on the network infrastructure and ...
VLAN Networks

The VLAN Concept - Introduction to VLANs

We hear about them everywhere, vendors around the world are constantly trying to push them into every type of network and as a result, the Local Ar...
VLAN Networks

VLANs - Access & Trunk Links

If you've read our previous article The VLAN Concept - Introduction to VLANs  then you should feel comfortable with terms such as 'VLAN',...

Routing

Hybrid Routing Protocols - Advantages and Disadvantages - Comparison

Hybrid routing protocols are a combination of distance-vector and link-state routing protocols, and are used to provide a more efficient and ...
Routing

Routed Protocols

We all understand that TCP/IP, IPX-SPX are protocols which are used in a Local Area Network (LAN) so computers can communicate between with each ot...
Routing

Link State Routing Protocols

Link State routing protocols do not view networks in terms of adjacent routers and hop counts, but they build a comprehensive view of the overall n...
Routing

OSPF - Part 2: How OSPF Protocol Works & Basic Concepts: OSPF Neighbor, Topology & Routing Table, OSPF Areas & Router Roles, Theory & Overview

This article covers basic OSPF concepts and operation. We explain how OSPF works, how OSPF tables are built on an OSPF-enabled router and their pur...

Cisco Routers

Configuring NTP on a Cisco Router (NTP Client and NTP Server)

Network Time Protocol (NTP) is a vital service not only for Cisco devices but almost every network device. Any computer-based device needs to be ac...
Cisco Switches

Password Recovery / Password Reset Procedure for Catalyst 3750-X & 3560-X Switches - Single or Stack Member Configuration

This article shows how to reset a password on a Cisco Catalyst 3750-X (stacked or single unit) and Cisco Catalyst 3560-x switch without losing its ...
Cisco Switches

Resolving Cisco Switch & Router ‘DHCP Server Pool Exhausted-Empty’ Error – Client IP Assignment Failure

In previous articles, we showed how it is possible to configure a Cisco router or Catalyst switch to provide DHCP server services to network client...
Cisco Routers

Configuring Point-to-Point GRE VPN Tunnels - Unprotected GRE & Protected GRE over IPSec Tunnels

Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco that allows the encapsulation of a wide variety of network layer pro...