for me there is a fear factor involving DoS/Zone Protection, I envisions choosing too low a session number and slamming the door on all traffic. But I am going to put it in soon
If implemented correctly there is actually little worry that you would sever traffic, as you can work with the alert value until you feel confortable enough to actually implement an Activate and Max connection rate.
It's hard to pick just one!
I love the grainualarity of the security policies - I can filter for individual IP's, users, applications, zones, times ... to allow just what I want to allow, to whom I want to allow it, where I want to allow it, and at the time I want to allow it.
The geofilter is nice and does massive amounts of "heavy lifting" filtering out nonsense.
The packet capture feature is a bit (a bit?) rough around the edges but functions well enough to be one of my favorite features.
The filtering in the logs is wonderful ... not so much in the session viewer but functional none the less.
Sounds basic but cloning is by far one of my favorite features. Prior to pulling all of our firewalls into Panorama it was limited to similiar rules to get started but once we were under the Panorama umbrella, Wow! How cool it was to define a block of rules then clone them across multiple firewalls. A few rule name clean-up and zone changes and your all set.
My next favorite feature is the ablitity to use the PAN Configurator. Again with the help of Panorama it's been amazing to be able to update a rule set across multiple firewalls with a few one liners on the PAN Configurator command prompt. Even grabbing a rule set across all my firewalls at once to view in an easy to read spreadsheet is huge.
I like the URL filtering category specillay ssl decryption to blocking the evasive applications.
the whole idea about APP-ID, gives you a total overview and visibility on what goes on. both for allowing and denying stuff and troubleshooting.
show counter global filter packet-filter yes delta yes
This is the best of many great features
I would say, in short, that my favourite feature is the architecture, the strength of the security policies.
On top of that I would say XML-API.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!