Palo Alto - Temporarily Block Attackers [2025]

🔒 In this video I'll show you one neat configuration on the Palo Alto Firewall to stop or slow down internet attackers, in order to keep your public servers safe. This is a rather straightforward configuration to setup, but for some reason, I haven't seen it being implemented very often! 🛡 We will use Panorama to push the configuration to our perimeter firewall. For this configuration, you'll need the Threat Prevention license. 🚫 We're going to leverage the Vulnerability Protection feature to automatically identify and block attackers for a defined period time. In this tutorial, we are going to configure a 24 hour quarantine for these bad IPs. 🌐 Useful Links - Data Redistribution video: https://youtu.be/TEXU5LI72t4 - NETSums Resources: https://netsums.com/resources - Palo Alto Training (preparation for PCNSA): https://netsums.com/training 👍 Like, Share, and Subscribe for More: If you find this tutorial helpful, don't forget to give it a thumbs up, share it with your colleagues, and subscribe to our channel for more in-depth tutorials on network security and technology best practices. 🔗 Connect with Us: If you have questions, suggestions, or any kind of feedback, please don't hesitate to comment below! We will reply as soon as possible. #PaloAlto #NetworkSecurity #Tutorial #itsecurity #IdentityManagement #paloaltofirewall #paloaltonetworks #firewall Timeline: 00:00 Temporarily Block Attackers 00:42 Tag 01:20 Address group 02:05 Log Forwarding 07:14 Data redistribution 09:00 Security rule to block bad IPs 10:50 Security rule to detect threat 12:22 Attack simulation 12:59 Firewall threat Logs 13:27 Removing IPs from blacklist 14:46 Avoiding blocking own IPs