09 juli 2021

ACTION NEEDED for kunder som har Cortex Data Lake!

2 min lesetid

09. juli 2021

Viktig melding fra Palo Alto Networks.

26. juli oppgraderes Cortex Data Lake infrastrukturen til nyere datasentre i skyen. I forbindelse med dette må alle Cortex Data Lake kunder fullføre to spesifikke handlingselementer.


ACTION 1: (TO BE COMPLETED BEFORE JULY 22nd)

If you are not restricting the Panorama and Firewall connectivity to the Cortex Data Lake; or using our recommended APP-ID implementation to manage this connectivity, you can ignore this action item. However, If you are managing the Panorama and Firewall connectivity to the Cortex Data Lake through another vendor firewall, then please update the policies to allow connectivity to the following FQDNs before the migration date.
    1. US: allow traffic to *.cdl.paloaltonetworks.com (TCP 3978, TCP 444), or to specific FQDNs,
      1. firewall-prd1.us.cdl.paloaltonetworks.com (TCP 3978)
      2. pcl-prd1.us.cdl.paloaltonetworks.com (TCP 444)
      3. lic.lc.prod.us.cs.paloaltonetworks.com (TCP 444)
    2. EU: allow traffic to *.cdl.paloaltonetworks.com (TCP 3978, TCP 444), or to specific FQDNs,
      1. firewall-prd1.nl.cdl.paloaltonetworks.com (TCP 3978)
      2. pcl-prd1.nl.cdl.paloaltonetworks.com (TCP 444)
      3. lic.lc.prod.us.cs.paloaltonetworks.com (TCP 444)
    3. Do not remove current IP addresses from the access list.


ACTION ITEM 2 (TO BE COMPLETED POST MIGRATION ON JULY 26th ONLY if Firewalls have issues connecting to Cortex Data Lake)

Please restart the log receiver on all your physical firewalls that are having issues (as identified by those that are not sending logs to Cortex Data Lake post-migration), using the command “debug software restart process log-receiver “.

  1.  If you are currently hosted in our Europe Data Center, perform this action item on July 26th Tuesday at 2 PM PT
  2.  If you are currently hosted in our US Data Center, perform this action item on July 26th Tuesday at 10 PM PT

IMPORTANT: Not completing these action items on time can cause delays/issues in receiving your logs.
If you have any technical questions or see any issues after the migration, please contact support.


Har du spørsmål om oppgraderingen ta kontakt med oss.
Relaterte tema: Palo Alto Networks
Hugo Fernandez

Skrevet av Hugo Fernandez

Hugo har lang erfaring fra IT-bransjen og har de siste årene jobbet som salgssjef hvor han har levert sikkerhets- og netttverksløsninger til store og små kunder. Hans (og vårt) mål er at alle norske bedrifter skal ha samme mulighet til å sikre sine digitale verdier, uavhengig av størrelse.

Relaterte artikler