Our Live Community Sentinel, @BPry, responds to a question posed to the community.
Question: What is your favorite Palo Alto Networks NGFW feature?
Answer: I've got a few.
While you surely can't rely on WildFire for everything, I get a large amount of alerts throughout the day from users downloading dumb things, or actively seeing SMTP traffic that I can make sure was actively blocked by our spam gateway. It's amazing how much stuff WildFire catches that I act upon on a daily basis, and how much traffic it stops throughout the day so that it doesn't even get onto the users machine. (Pair this with Traps and you have a winning combination!)
It's amazing to me how easy this feature is to configure, but yet it's one of the least utilized features on the firewall when you actually start talking to other Palo Alto Networks customers. Most people think this is some incredibly hard thing to configure, and really, if you take your time, it's stupid-easy.
This is a fairly simple thing, but I love it from a feature prospective. I can ensure that any known malicious URLs aren't visited, and get a report everyday of those that did manage to visit a malicious URL. This used to be something that you had to manage another appliance for, and now it just ties right into your firewalls so that you can manage it just like you would anything else. Again a stupid-easy feature, but one where I'll see people with active licenses not understand how it functions and do things like not include a profile in the correct security policies so that it actually functions. (@BPry from discussion here. See what others have to say, too!)
Question: Can I use Panorama as a management and a logging device in one box?
Answer: Yes, by default, Panorama can be set up as a log collector and still manage devices.
Panorama can be configured to be one or the other, or both. @jdelio
For information on exactly how to configure Panorama to serve this dual purpose, please see the following article: