Hardware IP Address Blocking
When the firewall blocks a source IP address, such as when you configure a Classified DoS Protection policy rule with the Action to Protect, or a Security policy with a Vulnerability Protection profile, the firewall automatically blocks that traffic in hardware before those packets use CPU or packet buffer resources.
Hardware IP address blocking is supported on PA-3060 firewalls, PA-3050 firewalls, PA-5000 Series firewalls, PA-5200 Series firewalls, and PA-7000 Series firewalls.
You can Monitor Blocked IP Addresses, for example to get more information about an IP address on the block list, change how long hardware blocks IP addresses, and delete an IP address from the list if you think it shouldn’t be blocked.
- View block list entries.
- Select MonitorBlock IP List.Entries on the block list indicate whether they were blocked by hardware (hw) or software (sw).
- To view details about an address on the block list, hover over a Source IP address and click the down arrow link. Click the Who Is link, which displays Network Solutions Who Is information about the address.
- Select MonitorBlock IP List.
- Delete block list entries.You might want to delete an entry if you determine an IP address shouldn’t be blocked. You should then revise the policy rule that caused the firewall to block the address.
- Select MonitorBlock IP List.
- Select one or more entries and click Delete.
Monitor Blocked IP Addresses
Monitor Blocked IP Addresses The firewall maintains a block list of source IP addresses that it’s blocking. When the firewall blocks a source IP address, ...
Monitor Block List
Monitor Block List There are two ways you can cause the firewall to place an IP address on the block list: Configure a Vulnerability Protection ...
Block IP List Entries
Block IP List Entries The following table explains the block list entry for a source IP address that the firewall is blocking. Field Description Block ...
Monitor > Block IP List
Monitor > Block IP List You can configure the firewall to place IP addresses on the block list in several ways, including the following: Configure ...
View or Delete Block IP List Entries
View or Delete Block IP List Entries Navigate the Block IP list entries, view detailed information, and delete an entry if desired. View or Delete ...
Multiple-Session DoS Attack
Multiple-Session DoS Attack Configure DoS Protection Against Flooding of New Sessions by configuring a DoS Protection policy rule, which determines the criteria that, when matched ...
Extended SNMP Support
Extended SNMP Support PAN-OS support for Simple Network Management Protocol ( SNMP ) now includes the following features. To access the latest MIBs, refer to ...
Networking Features New Networking Features Description Tunnel Content Inspection The firewall can now inspect the traffic content of cleartext tunnel protocols: Generic Routing Encapsulation (GRE) ...
Create Data Center Traffic Block Rules
Block traffic you know you don’t want in your data center and use block rules to discover unknown applications and users. ...