We have been using the following for many years now, http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt, on our border Cisco ASA firewalls with great success and little to no issues. A script pulls the new list, compares it with the old one, and applies the delta. We are currently switching to Palo Alto FWs, and it appears that scripting/importing this large list may not be as easy as it was with the ASA.

Can those of you who use the ET list with Palo Alto give us some feedback/scripts/API on how you implemented it? We are also considering moving it to our border Cisco router, either as an ACL or as a null route. Any feedback on the latter, and/or scripts you may be using? My primary concern with using a null route is the fact that, as far as I understand it, it can only block outbound traffic. The router ACL can accomplish blocking in/out, but my concern is with performance. What say you?
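The pull, compare and apply-the-delta workflow described in the post, as an added example (not the poster's script): it parses two snapshots of a plain-text IP/CIDR list, computes the delta, and renders it as ASA `object-group` entries. The group name `ET-BLOCK`, the 50% shrink guard and the sample snapshots are assumptions made for illustration.

```python
import ipaddress

# Constructed snapshots (documentation address ranges), in a plain-text
# layout of one IPv4 address or CIDR per line with '#' comment lines.
OLD_LIST = "# previous pull (constructed)\n192.0.2.10\n192.0.2.20\n192.0.2.30\n198.51.100.0/24\n203.0.113.7\n"
NEW_LIST = "# current pull (constructed)\n192.0.2.10\n192.0.2.20\n192.0.2.30\n198.51.100.0/25\n203.0.113.0/24\nnot-an-address\n"

def parse_blocklist(text):
    """Return (set of IPv4Network, list of lines that failed to parse)."""
    nets, rejected = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            nets.add(ipaddress.IPv4Network(line, strict=False))
        except ValueError:
            rejected.append(raw)
    return nets, rejected

def compute_delta(old, new, max_removed_fraction=0.5):
    """Return (added, removed); refuse a pull that would drop most entries."""
    added, removed = sorted(new - old), sorted(old - new)
    if not new or (old and len(removed) / len(old) > max_removed_fraction):
        raise ValueError("new list empty or shrank too far; keeping old rules")
    return added, removed

def asa_entry(net):
    if net.prefixlen == 32:
        return f"network-object host {net.network_address}"
    return f"network-object {net.network_address} {net.netmask}"

def asa_commands(added, removed, group="ET-BLOCK"):  # group name is hypothetical
    """Adds go before removals so a re-sized prefix is never left unblocked."""
    cmds = [f"object-group network {group}"]
    cmds += [f" {asa_entry(n)}" for n in added]
    cmds += [f" no {asa_entry(n)}" for n in removed]
    return cmds

if __name__ == "__main__":
    old, _ = parse_blocklist(OLD_LIST)
    new, bad = parse_blocklist(NEW_LIST)
    added, removed = compute_delta(old, new)
    print("\n".join(asa_commands(added, removed)))
    print("rejected lines:", bad)
```

The shrink guard matters when the download is truncated or returns an error page: without it, an empty "new" list would translate into removing every existing block.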