- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Palo Alto Data Redistribution and HIP - Step-by-Step
Your GlobalProtect gateway holds rich HIP posture data — antivirus state, disk encryption, patch level — but every other firewall in your fleet is blind to it. In this tutorial we wire up PAN-OS 11.x Data Redistribution so a single GP gateway becomes a Collector, and any datacenter or branch firewall pulls HIP data as an Agent — with TLS handled automatically and trust based on a Collector Name + Pre-Shared Key.
By the end you'll have posture-aware policy enforced on a firewall that never terminates a GP tunnel.
What you'll learn:
• How HIP Data Redistribution actually works (Collector vs Agent — the part the docs make confusing)
• Configure Collector Settings on the GP gateway (port 5007, PSK, no manual certs)
• Add a Data Redistribution Agent on a datacenter firewall and subscribe to HIP
• Verify the channel from both sides — GUI + CLI (show redistribution service client / show redistribution agent state all)
• Build local HIP Objects and HIP Profiles on the receiving firewall — and why they're independent of the gateway
• Write Allow / Deny security policy driven by HIP Profile match
• Test compliant vs non-compliant endpoints and read the right logs (Monitor → HIP Match vs Monitor → Logs → Traffic)
• Common silent-failure trap: mismatched Pre-Shared Key
Chapters:
00:00 Intro — why HIP data needs to travel
00:48 Architecture: Collector + Agent + Pre-Shared Key
02:48 Step 1 — Configure the Collector (GP gateway)
03:41 Step 2 — Add the Redistribution Agent (datacenter firewall)
05:50 Step 3 — Verify the channel (GUI + CLI)
08:13 Step 4 — Create the HIP Object and HIP Profile
10:17 Step 5 — Security policy rules
11:44 Step 6 — Test compliant vs non-compliant
13:13 Wrap-up
Who this is for:
Network security engineers running Palo Alto Networks NGFWs who want HIP-based enforcement on internal segmentation, datacenter, or branch firewalls — without replicating GlobalProtect across every box.
PAN-OS version: 11.x (works on 10.2 with minor menu differences)
If this saved you a license-budget conversation — like, subscribe, and drop in the comments how many firewalls in your fleet could consume this data.
#PaloAlto #PANOS #GlobalProtect #HIP #NetworkSecurity #Cybersecurity #Firewall #ZeroTrust #DataRedistribution #EnterpriseSecurity
Disclaimer: This video is for educational and news purposes only. All information presented is to help viewers understand security vulnerabilities and how to protect themselves. We do not encourage or condone illegal hacking or unauthorized access to any system.
Видео Palo Alto Data Redistribution and HIP - Step-by-Step канала marIA
By the end you'll have posture-aware policy enforced on a firewall that never terminates a GP tunnel.
What you'll learn:
• How HIP Data Redistribution actually works (Collector vs Agent — the part the docs make confusing)
• Configure Collector Settings on the GP gateway (port 5007, PSK, no manual certs)
• Add a Data Redistribution Agent on a datacenter firewall and subscribe to HIP
• Verify the channel from both sides — GUI + CLI (show redistribution service client / show redistribution agent state all)
• Build local HIP Objects and HIP Profiles on the receiving firewall — and why they're independent of the gateway
• Write Allow / Deny security policy driven by HIP Profile match
• Test compliant vs non-compliant endpoints and read the right logs (Monitor → HIP Match vs Monitor → Logs → Traffic)
• Common silent-failure trap: mismatched Pre-Shared Key
Chapters:
00:00 Intro — why HIP data needs to travel
00:48 Architecture: Collector + Agent + Pre-Shared Key
02:48 Step 1 — Configure the Collector (GP gateway)
03:41 Step 2 — Add the Redistribution Agent (datacenter firewall)
05:50 Step 3 — Verify the channel (GUI + CLI)
08:13 Step 4 — Create the HIP Object and HIP Profile
10:17 Step 5 — Security policy rules
11:44 Step 6 — Test compliant vs non-compliant
13:13 Wrap-up
Who this is for:
Network security engineers running Palo Alto Networks NGFWs who want HIP-based enforcement on internal segmentation, datacenter, or branch firewalls — without replicating GlobalProtect across every box.
PAN-OS version: 11.x (works on 10.2 with minor menu differences)
If this saved you a license-budget conversation — like, subscribe, and drop in the comments how many firewalls in your fleet could consume this data.
#PaloAlto #PANOS #GlobalProtect #HIP #NetworkSecurity #Cybersecurity #Firewall #ZeroTrust #DataRedistribution #EnterpriseSecurity
Disclaimer: This video is for educational and news purposes only. All information presented is to help viewers understand security vulnerabilities and how to protect themselves. We do not encourage or condone illegal hacking or unauthorized access to any system.
Видео Palo Alto Data Redistribution and HIP - Step-by-Step канала marIA
palo alto palo alto networks pan-os pan-os 11 pan-os 11.x globalprotect gp gateway hip hip profile hip object host information profile data redistribution redistribution agent redistribution collector palo alto firewall ngfw network security firewall tutorial zero trust posture based access enterprise security cybersecurity mariainfosec
Комментарии отсутствуют
Информация о видео
9 мая 2026 г. 18:18:08
00:13:57
Другие видео канала
![🚨 [CVE-2026-25108] CISA Alerts on FileZen CVE-2026-25108 Exploitation](https://i.ytimg.com/vi/tZbi4yBy4A0/default.jpg)
🚨 [CVE-2026-25108] CISA Alerts on FileZen CVE-2026-25108 Exploitation
![🚨 [CVE-2025-31277] CISA Urges Patching for Apple and CMS Flaws #Shorts](https://i.ytimg.com/vi/lusUDdMekOs/default.jpg)
🚨 [CVE-2025-31277] CISA Urges Patching for Apple and CMS Flaws #Shorts
WARNING: Checkmarx GitHub ACTIONS HACKED! Your data is at risk! #Shorts
WARNING: Citrix NetScaler Flaw Exposes Your Data NOW! #Shorts
![[CVE-2026-21666] Veeam Patches Critical Backup Flaws +++ Follow for more +++ #Shorts](https://i.ytimg.com/vi/86UZk0tV89I/default.jpg)
[CVE-2026-21666] Veeam Patches Critical Backup Flaws +++ Follow for more +++ #Shorts
![[CVE-2017-7921] Critical Flaws Added to CISA KEV Catalog +++ Follow for more +++ #Shorts](https://i.ytimg.com/vi/UX92-LbyycA/default.jpg)
[CVE-2017-7921] Critical Flaws Added to CISA KEV Catalog +++ Follow for more +++ #Shorts
WARNING: Quest KACE Systems HACKED – Are You At Risk? #Shorts
![[CVE-2025-66376] CISA Warns of Zimbra and SharePoint Flaws +++ Follow for more + #Shorts](https://i.ytimg.com/vi/kkeZEec_VRo/default.jpg)
[CVE-2025-66376] CISA Warns of Zimbra and SharePoint Flaws +++ Follow for more + #Shorts
![🚨 [CVE-2025-49113] CISA Flags Roundcube Vulnerabilities as Exploited](https://i.ytimg.com/vi/QttjTeDjvxg/default.jpg)
🚨 [CVE-2025-49113] CISA Flags Roundcube Vulnerabilities as Exploited
WARNING: Citrix NetScaler has a critical data leak risk! #Shorts
![[CVE-2026-20122] Cisco Vulnerabilities Under Active Exploitation +++ Follow for #Shorts](https://i.ytimg.com/vi/CEkGAZu-0xc/default.jpg)
[CVE-2026-20122] Cisco Vulnerabilities Under Active Exploitation +++ Follow for #Shorts
WARNING: Your Docker Containers are at RISK Right Now! #Shorts
WARNING: Your F5 BIG-IP APM is under ACTIVE ATTACK now! #Shorts
WARNING: Trivy's GitHub Actions HACKED—Your secrets at risk! #Shorts
WARNING: Trivy Vulnerability Scanner COULD be putting you at RISK #Shorts
Top 8 Open-Source Hacking Tools You Should Know in 2026
![🚨 [CVE-2026-32746] Critical Telnetd Flaw Enables Root RCE #Shorts](https://i.ytimg.com/vi/lu6vGL9LXaY/default.jpg)
🚨 [CVE-2026-32746] Critical Telnetd Flaw Enables Root RCE #Shorts
![🚨 [CVE-2023-XXXXX] Critical IP KVM Vulnerabilities Expose Root Access #Shorts](https://i.ytimg.com/vi/leabNW8e_Xs/default.jpg)
🚨 [CVE-2023-XXXXX] Critical IP KVM Vulnerabilities Expose Root Access #Shorts
WARNING: Microsoft Visual Studio Code is a HACKER'S TRAP! #Shorts
![🚨 [CVE-2023-4567] OpenClaw Flaw Enables AI Hijacking via WebSocket](https://i.ytimg.com/vi/J3aQGCdjpt8/default.jpg)
🚨 [CVE-2023-4567] OpenClaw Flaw Enables AI Hijacking via WebSocket
