If you are looking to build out Zone Protection Profiles on your Palo Alto Networks Next Generation Firewall then it can be handy to know just what your connections per second metrics look like over time for each zone. Luckily, Palo Alto Networks have a little (although not entirely descriptive) guide on where you can get this data – https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/zone-protection-and-dos-protection/zone-defense/take-baseline-cps-measurements-for-setting-flood-thresholds/how-to-measure-cps.html….
Brief guide to (common-ish) HPE Aruba Fibre Optics
Not meant as a complete in-depth guide, but certainly enough to point you in the right direction, here’s my list of the most commonly seen (from my point of view) HPE Aruba (e.g. the 2540, 2930F, 5400R series) fibre optics and their respective part numbers: The format is effectively <Speed> <Fibre Type> <Maximum Range> – <Part Code> 1Gbit Multi…
Intune Certificate Connector and 0x80094800
In configuring the Microsoft Intune Certificate Connector and attempting to issue certificates to your client via Intune you might run into the error message below. IssuePfx – COMException: System.Runtime.InteropServices.COMException (0x80094800): The requested certificate template is not supported by this CA. (Exception from HRESULT: 0x80094800) at CERTENROLLLib.IX509CertificateRequestPkcs10V2.InitializeFromTemplateName (X509CertificateEnrollmentContext Context, String strTemplateName) at Microsoft.Management.Services.NdesConnector.MicrosoftCA.GetCertificate (PfxRequestDataStorage pfxRequestData, String& certificate, String& password) Failed to issue…
PRTG, Graphs and the alternatives to just displaying the average
The default graph options in PRTG (Setup > System Administration > User Interface) for extended periods of time (e.g. over 10 days) will display the average over a set period (e.g. 1 hour). While this may be ideal for some data, on occasion you may want to display the maximum or minimum value for the data over that period….
MCP1700, wrong voltage without capacitors
In looking to keep occupied with the current pandemic going on I’ve taken my Microelectronics projects to a new level and have over the past few weeks kicked out a series of soil moisture sensors which are powered by battery (18650) with a small solar panel keeping them topped up. As the battery charges/discharges the voltage changes and moves outside…
MBR2GPT: Disk layout validation failed for disk 0
So after realising that my desktop PC has been running in BIOS mode (how 1970s and probably the result of multiple clones from HDD to 10k HDD, to 10k HDD in RAID0 to SSD and to another SSD) and with a free weekend I thought it was time to have a look at the MBR2GPT tool. However in running the…
Detecting threats with inbound SSL (TLS) decryption
Today we have the answer to the question – Without SSL decryption how many threats/attempted vulnerability exploits/other bad stuff will I miss that are coming from the internet at my internally hosted (externally published) web sites and services? To run some simple tests (which will be detected as malicious attacks) I’m going to be running the Nessus scanner against a…
From around the web, Saturday 2nd November 2019
In this (long overdue) edition of from around the web we have a really simple (and largely free) tool to forward Windows logs, a guide on configuring Office 365 with some cool email security features and a super simple (barebones) digital signage package for the Raspberry Pi. NXLog: Capture logs from Windows systems (in a nice way!) With the centralised…
Extracting TRAFFIC, THREAT, CONFIG and SYSTEM syslog from a Palo Alto Networks Next Generation Firewall with Graylog
Graylog is a brilliant (and Open Source) tool to easily capture logs from a variety of systems including good old fashioned syslog. In the screenshot guide below you will learn how to use a set of extractors I constructed to parse out useful information from PAN NGFW syslog. The link to the source files mentioned is: https://github.com/jamesfed/PANOSGraylogExtractor
Backing up a Palo Alto Networks Next Generation Firewall with PowerShell
For some time there have been plenty of examples of backing up Palo Alto Firewalls with curl commands (extracting the files using the XML API) however that may not sit well with some Windows administrators who want to use PowerShell. As such I’ve put together the BackupPANNGFWConfig repo on GitHub which contains the scripts to get ahold of the API…