Skip to main content

  • ManageEngine

    OpManager: Network & DC Monitoring

    Monitor & Manage Network, Datacenters, endpoints & more.

  • ManageEngine

    Patch Manager Plus

    Patch 750+ applications through one reliable platform

Latest Articles

Palo Alto Networks

Configuring QoS on Palo Alto Firewalls: Class-based Policies, QoS Profiles, Enabling QoS on Firewall Interfaces

Palo Alto Firewalls - Understanding and configuring QoSThis article’s purpose is to help you quickly master Palo Alto QoS concepts and learn to configure QoS on Palo Alto Firewalls in a simple and efficient way. QoS is considered a complicated topic however thanks to Palo Alto’s intuitive firewall GUI interface and our real-scenarios, you’ll quickly grasp all necessary QoS basics and be ready to implement your own QoS policies!

You’ll learn basic QoS terms such as Ingress and Egress traffic, Differentiated Service Code Point (DSCP), Traffic Policing, Traffic Shaping, Palo Alto QoS Classes, Palo Alto QoS Policies, how to build Palo Alto QoS policies, how to configure Palo Alto QoS Classes and finally how to enable and monitor QoS on Palo Alto firewall interfaces (both standalone & AE Aggregate interfaces), view QoS bandwidth graphs and more!

Key Topics:

Find more great articles by visiting our Palo Alto Firewall Section.

Introduction to Palo Alto QoS

QoS was born from the IEEE group during 1995-1998 by establishing the standard IEEE 802.1P. The main purpose of QoS is to prioritise desired traffic over other type of traffic or to limit the amount of bandwidth applications can consume, by utilizing different mechanisms. This ensures network performance, avoids bottlenecks, congestion or overutilization of network links. A frequently used example of QoS is the prioritising Real-time traffic e.g voice or video, over other type of traffic:

Palo Alto Firewall - QoS Priority Queues & Packet PrioritizationQoS Priority Queues - Packet classification and prioritization

In the example above, voice packets (blue) are given a higher priority against others, therefore immediately being forwarded by the firewall out via the output interface. Since voice packets are very sensitive to delay, they are usually handled with priority to avoid issues in a real-time voice streams e.g VoIP telephone call between two endpoints.

Overview of QoS Configuration on Palo Alto Firewalls

ManageEngine Firewall Analyzer

Dealing with Security Audit Challenges: Discovering vulnerabilities, unauthorized access, optimize network security & reporting

manageengine firewall analyzer - dealing with security audit challengesThe utilization of log analyzers, such as Firewall Analyzer, in network infrastructure plays a pivotal role in enhancing cybersecurity and fortifying the overall security posture of an organization. Security audits, facilitated by log analyzers, serve as a critical mechanism for systematically reviewing and analyzing recorded events within the network.

This proactive approach enables the identification of potential security risks, unauthorized access attempts, and abnormal activities that might signify a breach. The log analyzer sifts through vast amounts of data & logs, providing insights into patterns and anomalies that might go unnoticed otherwise.

By uncovering vulnerabilities and irregularities, organizations can take timely corrective actions, preventing potential security breaches. Moreover, the information gleaned from these audits is instrumental in formulating a comprehensive security strategy that extends across the entire network infrastructure.

ManageEngine Firewall Analyzer dashboard
ManageEngine Firewall Analyzer dashboard (click to enlarge)

This strategic approach ensures a holistic defense against cyber threats, fostering a resilient and adaptive cybersecurity framework that aligns with the evolving landscape of security challenges.

This article will delve into the concept of security audits and how a product like Firewall Analyzer can streamline this crucial procedure.

Key Topics:

Download your copy of ManageEngine's popular Firewall Analyzer here.

Security Audits Explained

Palo Alto Networks

How to Manually Download, Import & Install PAN-OS on Palo Alto Firewalls via CLI & Web GUI interface

Palo Alto PAN-OS Manual update - upload - upgradeThis article provides comprehensive guidance on the manual processes involved in downloading, uploading, and installing (import) any PAN-OS version on a Palo Alto Firewall. It details the steps for searching and downloading the desired PAN-OS version, as well as the supported methods for uploading the software to your Palo Alto Firewall, including Web, TFTP, and SCP. Additionally, the article offers valuable tips aimed at facilitating a smooth and successful upgrade process.

The necessity for a manual upgrade of a Palo Alto firewall arises in instances where the system operates within an isolated environment employing air-gap architecture and lacks direct internet access. This requirement is further applicable in scenarios where the firewall is devoid of valid licenses, remains unregistered, or serves as a replacement unit as exemplified in a Return Merchandise Authorization (RMA) context.

Whether performing upgrades manually or automatically, it is crucial to consider the same upgrade path rules outlined in our article Complete guide to upgrading Palo Alto firewalls. Individuals unfamiliar with these rules are strongly encouraged to review the article before initiating any PAN-OS upgrade.

Key Topics:

Explore our dedicated Palo Alto section to access a collection of high-quality technical articles.

Downloading PAN-OS Software

Begin by downloading the needed software from the Palo Alto Networks support page. Make sure you have a valid support contract.

Once logged in, select Updates on the left pane, followed by Software Updates from the right pane:

Windows Servers

Deploying Active Directory & DNS Services on Windows Server 2022 & Elevating it to Domain Controller Role

intro windows server 2022 ad dnsThis article provides a comprehensive guide to deploying Active Directory and DNS Services on Windows Server 2022, encompassing the Essential, Standard, and Datacenter editions. Our guide also includes step-by-step instructions for promoting the Windows server to a Domain Controller (DC). To enhance user experience, we've included plenty of helpful screenshots, ensuring a smooth and uncomplicated installation process.

 

Key Topics

Explore our dedicated section on Windows Servers for a rich collection of articles providing in-depth coverage and insights into various aspects of Windows Server functionality.

Installation of Active Directory and DNS Services

To begin, in Server Manager, select Dashboard from the left pane, then Add roles and features from the right pane:

Your IP address:

35.170.64.185

FREE Hyper-V & VMware Backup

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any
WEP, WPA, WPA2 Key!

Network and Server Monitoring

Network and Server Monitoring

Follow Firewall.cx

Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Decrypt Now!

Bandwidth Monitor

Bandwidth Monitor

Free PatchManager

Free PatchManager

EventLog Analyzer

ManageEngine Eventlog Analyzer

Firewall Analyzer

zoho firewall analyzer


Featured Categories:


Top Picks:

Virtualization & VM Backup

6 Key Areas to Consider When Selecting a VM Bac...

Backup and Disaster recovery are core considerations for any business with an IT footprint, whether that is on-premises or in the cloud. Your business depends on reliable IT systems to support the...
Virtualization & VM Backup

Understanding Deduplication. Complete Guide to ...

When considering your VM backup solution, key features such as deduplication are incredibly important. This is not simply from a cost perspective but also an operational one. While is it true that ...
Virtualization & VM Backup

Differences Between VMware vSphere, vCenter, ES...

In this article we will cover the differences between VMware ESXi, vSphere and vCenter while also explain the features supported by each vSphere edition: vSphere Standard, Enterprise plus and Plant...
Virtualization & VM Backup

SysAdmin Day 2020 - Get your Free Amazon Vouche...

SysAdmin Day has arrived, and with it, gratitude for all the unsung heroes that 2020 has needed. Your hard work has made it possible for all of us to keep going, despite all challenges thrown our w...

SASE & SD-WAN Networks

Converged SASE Backbone – How Leading SASE Provider, Cato Networks, Reduced Jitter/Latency and Packet Loss by a Factor of 13!

Global connectivity is top of mind for many IT teams at organizations of all sizes. We are currently in the middle of a dramatic shift in business ...
SASE & SD-WAN Networks

SASE and VPNs: Reconsidering your Mobile Remote Access and Site-to-Site VPN strategy

The Virtual Private Network (VPN) has become the go to security solution for keeping communications between networks and endpoints secure. After al...
Security Service Edge (SSE)

Security Service Edge (SSE) Limitations & Disadvantages. Protecting all Traffic, Users, Apps, and Services with 360-degree SSE

This article explores the Security Service Edge (SSE) portion of Secure Access Service Edge (SASE) and the need for holistic cybersecurity protecti...
SASE & SD-WAN Networks

Understanding Secure Access Service Edge (SASE) and how it integrates with SD-WAN

Software Defined Wide Area Networking (SD-WAN) is changing the way that businesses connect to the cloud. With SD-WAN, organizations can move away f...

VLAN Networks

Static VLANs

VLANs are usually created by the network administrator, assigning each port of every switch to a VLAN. Depending on the network infrastructure and ...
VLAN Networks

The VLAN Concept - Introduction to VLANs

We hear about them everywhere, vendors around the world are constantly trying to push them into every type of network and as a result, the Local Ar...
VLAN Networks

VLAN Tagging - Understanding VLANs Ethernet Frames

We mentioned that Trunk Links are designed to pass frames (packets) from all VLANs, allowing us to connect multiple switches together and independe...
VLAN Networks

VLANs - IEEE 802.1q Trunk Link Protocol Analysis

While the VLAN Tagging article briefly covered the IEEE 802.1q protocol this article will continue building upon it by further analyzing the IEEE 8...

Routing

Introduction to Routing Protocols

Distance Vector, Link State RIP, IGRP, EIGRP, OSPF Routing protocols were created for routers. These protocols have been designed to allow the e...
Routing

OSPF - Part 3: OSPF Adjacency & Neighbor Forming Process. OSPF Hello Messages, OSPF Database Updates via Link State Requests (LSR & LSU)

This is the thrid article of our 6-part OSPF series (see below) that describes how OSPF routers perform neighbor relationship and adjacency. We’ll ...
Routing

OSPF - Part 4: OSPF Neighbor States – OSPF Neighbor Forming Process

This is the third article of our OSPF series which analyzes the different OSPF States routers go through during the OSPF discovery and neighbor for...
Routing

The IP Routing Process - Step-by-Step Analysis

We are going to analyse what happens when routing occurs on a network (IP routing process). When I was new to the networking area, I thought that a...

Cisco Firewalls

Upgrading - Uploading AnyConnect Secure Mobility Client v4.x SSL VPN on Cisco ASA 5506-X, 5508-X, 5512-X, 5515-X, 5516-X, 5525-X, 5545-X, 5555-X, 5585-X

This article will show how to download and upload the newer AnyConnect 4.x VPN clients to your Cisco ASA Firewall appliance (5500 & 5500-X Seri...
Cisco Routers

How To Secure Your Cisco Router Using Cisco AutoSecure Feature

In today’s complex network environments securing your network routers can be a daunting task, especially when there are so many CLI commands and pa...
Cisco Routers

Configuring Cisco Site to Site IPSec VPN with Dynamic IP Endpoint Cisco Routers

This article serves as an extension to our popular Cisco VPN topics covered here on Firewall.cx. While we’ve covered Site to Site IPSec VPN Tunnel ...
Cisco Routers

How to Restrict Cisco IOS Router VPN Client to Layer-4 (TCP, UDP) Services - Applying IP, TCP & UDP Access Lists

In our article Cisco VPN Client Configuration - Setup for IOS Router  we explained how to setup up a Cisco IOS router to support Cisco IPSec V...