Keeping your Palo Alto Firewall up to date with the latest PAN-OS software updates is an important step to ensure your organization is protected against the PAN-OS latest software vulnerabilities, software bugs but at the same time take advantage of Palo Alto’s latest security enhancements and capabilities.

While Palo Alto Networks makes the software upgrade process an easy task, sometimes problems can occur. One frequently seen issue is the “Error: Image File Authentication Error – Failed to Load into Software Manager” error when trying to download a new software image.

This error can occur on a standalone or HA-Pair Firewall configuration:

Additional technical articles are available in our Palo Alto Firewall Section.

How to Fix the 'Image File Authentication Error'

SQL injection vulnerabilities have held the first spot on the OWASP Top 10 list for quite some time. This is due to the fact that they are both still widespread and can lead to very serious consequences. Many major security breaches were caused by SQL injections, even in recent months. For example, this type of vulnerability caused a leak of financial data for more than 70 percent of citizens of Bulgaria.

However, SQL vulnerabilities are also easy to discover automatically using web vulnerability scanners. Advanced web security scanning software like Acunetix can detect even the more advanced type of SQL injections such as blind SQL injections. SQL injections are also easy to fix and avoid. Developers can use parameterized queries (prepared statements) or stored procedures to avoid the root cause of SQL injections, which is the direct use of untrusted user input in SQL queries.

In this article, we will show you how to scan your web applications for SQL injections using the latest version of Acunetix. The scan will be performed on the VulnWeb site by Acunetix, which is intentionally vulnerable to attacks. The article assumes that you have downloaded and installed the Acunetix demo.

Here is an overview of what we’ve got covered:

• Step 1 – Creating a Scan Target
• Step 2 – Performing a Scan
• Step 3 – Interpreting Results
• Summary

Free Download - Web Application Vulnerability and Network Scanner

With nearly every business sector relying on the internet and digital tools to function, it is no surprise that cybersecurity is the second-fastest growing industry. Hackers don’t care how large or small your company is. They will target all sizes in an all-out effort to steal data, access confidential or classified information, cause mayhem, and hurt the organization's reputation.

Fortunately, not all hackers have nefarious intentions. The open source community is full with experts who are looking to warn people about threats and find the most effective ways to keep data safe. Many of those experts are a part of the Open Web Application Security Project (OWASP).

In this article, we'll cover the basics of OWASP and the critical role this work plays in the everyday operation of computers, servers, and other forms of modern technology. Topics covered include:

• What is OWASP? Introduction to Open Web Application Security Project
• Importance of Vendor Neutrality (OWASP)
• Why Web Application Security Matters
• The OWASP Top 10 List
• Accessing Digital Resources Securely
• Summary

Scan and detect websites for over 5700 vulnerabilities using Acunetix Web Vulnerability Scanner. Free Download

OWASP was originally founded in 2001 by Mark Curphey and is run as a not-for-profit organization in the United States. The bulk of its contributors are pulled from the open-source community. Today, more than 32,000 people volunteer as part of OWASP's efforts, with much of their communication coming through message boards or email distribution lists.

The organization is designed to be an unbiased group focused on the best interests of the technology world as a whole. They will not promote specific vendor products or solutions. Instead, OWASP aims to provide practical information to organizations all across the world, with the goal of offering helpful security advice to bring about more informed decisions.

Where OWASP becomes particularly valuable is too small and medium-sized businesses that may not have a large IT budget and lack expertise when it comes to cybersecurity. Thanks to the documentation that OWASP creates, these types of organizations can gain a better understanding of where their systems are vulnerable and how to protect themselves better.

If you’ve heard of OWASP, it’s likely been in conjunction with a report they update every few years known as the OWASP Top 10. The list covers the most relevant cybersecurity threats facing the global community. Later in this article, we'll dive into some of the specifics referenced in the Top 10.

This article explains how to register and activate your Palo Alto Firewall Appliance to obtain technical support, RMA hardware replacement, product updates, antivirus updates, wildfire, antispam updates, Threat Prevention, URL Filtering, Global Protect and more. The article covers all Palo Alto Firewalls including: PA-220, PA-820, PA-850, PA-3220, PA-3250, PA-3260, PA-5220, PA-5250, PA-5260, PA-5280, PA-7050, PA-7080 and all VM Series.

Customers purchasing a new Palo Alto Firewall appliance or support contract will receive an authorization code which is required to activate their technical support, license and service subscriptions – this, plus lots more useful information is included below.

Let’s take a look at what’s covered in this article:

• Benefits of a Support Account, Firewall Registering and License Activation
• Creating a Palo Alto Support Account – New Customers
• Registering a Palo Alto Device – New & Existing Customers
• Activating Palo Alto Support and Subscription License
• Summary

Additional technical articles are available in our Palo Alto Firewall Section

The diagram below shows the steps new customers should follow to successfully register and activate their Palo Alto products:

Benefits of a Support Account, Firewall Registration and License Activation

Registering your security appliance has many benefits, especially when you consider that any unpatched or outdated security appliance is unable to provide adequate protection against today’s complex and intelligent security threats. Furthermore by registering your appliance you are protecting your investment as you become a ‘known’ customer to Palo Alto allowing you to engage the vendor and benefit from the wide range of services offered.

By creating a Support Account, registering your Firewall appliance and activating your License you’ll be able to perform the following:

• Register and manage your firewall appliances(s). Palo Alto call these “Assets”
• Create and manage support cases
• Create and manage users from your organization
• Give members of your team access to Palo Alto support services
• Gain access to a variety of tools found in the support portal
• Obtain knowledge and answers to questions
• Obtain access to the Palo Alto live community
• Download PAN-OS (Palo Alto Operating System) software updates for your device
• Download Antivirus updates
• Download Antispam updates
• Download Threat protection updates
• Update App-ID Database on your device
• Ensure the URL Filtering engine is up to date
• Gain access to Wildfire which allows the firewall to safely ‘detonate’ suspicious files in the cloud

The above list is indicative and shows the variety of services offered to registered Palo Alto customers with an active subscription service.

Creating a Palo Alto Support Account - New Customers

Enterprises have been successfully running WAN optimization appliances at their many distributed sites for years. The devices have done a good job of helping businesses squeeze as much capacity as possible out of their WAN links and to improve performance across low-bandwidth, long-distance network circuits.

WAN optimizers were a boon to telecom budgets when network bandwidth was particularly pricey. Businesses also have used the devices to prioritize applications that are sensitive to delay and packet loss--particularly when traffic is shuttled among corporate-controlled sites.

However, changes in network traffic patterns and application protocols, the tendency to encrypt data in transit, the emergence of software-defined WAN (SD-WAN) and other factors are all challenging the need for WAN optimization in the edge appliance form factor that IT shops have traditionally deployed.

Shifting Network Landscape

While historically most application requests were directed inward, toward corporate data centers, most are now outbound, toward cloud and Internet locations. As the software as a service (SaaS) computing model continues to gain steam, these trends will only get stronger.

With much of corporate traffic headed toward the cloud, enterprises have little or no control over the far-end site. As a result, it becomes difficult to support a network topology requiring optimization appliances at both ends of the WAN link. Ever try asking Salesforce.com if you could install your own, specially configured WAN optimization appliance in their network? Good luck.

In addition, today’s security schemes can throw a wrench into traditional WAN optimization setups. Nearly all cloud-bound traffic is SSL/TLS-encrypted from the workstation to the cloud using keys that aren’t readily accessible. WAN optimizers can’t see that traffic to shape or treat it, unless the device is brought into the certification path for decryption and re-encryption before delivery. Adding that step introduces a processing burden to the optimization appliance that can impede scalability.

Another change factor is that Internet bandwidth is more plentiful than it was when WAN optimizers came to market, and it’s far more affordable than MPLS capacity. So the requirement to compress data and deduplicate packets to conserve expensive bandwidth, which traditional WAN optimizers are good at, has become less stringent.