You're reading from Mastering Palo Alto Networks Deploy and manage industry-leading PAN-OS 10.x solutions to secure your users and infrastructure

Product type Paperback

Published in Sep 2020

Publisher Packt

ISBN-13 9781789956375

Length 514 pages

Edition 1st Edition

Tools

Palo Alto Networks

Concepts

Networking

Author (1):

Tom Piens Aka 'Reaper'

View More author details

Table of Contents (18) Chapters

Preface

1. Section 1: First Steps and Basic Configuration

2. Chapter 1: Understanding the Core Technologies FREE CHAPTER

3. Chapter 2: Setting Up a New Device

4. Section 2: Advanced Configuration and Putting the Features to Work

5. Chapter 3: Building Strong Policies

6. Chapter 4: Taking Control of Sessions

7. Chapter 5: Services and Operational Modes

8. Chapter 6: Identifying Users and Controlling Access

9. Chapter 7: Managing Firewalls through Panorama

10. Section 3: Maintenance and Troubleshooting

11. Chapter 8: Upgrading Firewalls and Panorama

12. Chapter 9: Logging and Reporting

13. Chapter 10: VPN and Advanced Protection

14. Chapter 11: Troubleshooting Common Session Issues

15. Chapter 12: A Deep Dive into Troubleshooting

16. Chapter 13: Supporting Tools

17. Other Books You May Enjoy

Leave a review - let other readers know what you think

User credential detection

With phishing being a significant attack vector, user education is a very hot topic on many corporations' cybersecurity awareness programs. Being able to prevent users from sharing their credentials on an untrusted website is a good second line of defense in case a user does slip up.

As you can see in the following screenshot, in the URL filtering security profile, there is a column called User Credential Submission. Any categories set to block will not allow users to submit credentials.

A user will not be allowed to log on if a site is categorized as belonging to the malware category and if malware is set to block for USER CREDENTIAL SUBMISSION.

Any category set to continue will first warn the user that they are submitting credentials to a site and will require acknowledgment of their actions. Any category set to alert (with logging) or allow will let the user submit their credentials:

Important note

SSL decryption is required to be able...