PAN-OS 9.0 Released - Stop and Think

Reply
Highlighted
L2 Linker

Re: PAN-OS 9.0 Released - Stop and Think

I'm quite disappointed in Palo Alto's approch to not make 9.0 supported on the 5000 (i.e 5020, 5060, etc.)  For a customer that purchased their equipment right before th 5200s came out it seems we (and probably many others) were screwed over on this deal.  Palo's approch when I discussed this was "you'll have to upgrade."  Ya that's all fine and good if you want to fork out another $250K for a pair fully licensed.  As an enterprise customer I would hope to get 5 years out of them but that dones't look to be possible IF we need some of the featuers in 9.  Now I'll admit that we wouldn't go to it until at least 9.0.6 or .7 so maybe a year out but that still is less than what we're hoping to get out of them.  I can see maybe not doing this on a 200 or 3000 but the 5000 should have more than enough power to handle it.  Just a major downer by PAN on this one.

Tags (2)
L7 Applicator

Re: PAN-OS 9.0 Released - Stop and Think

@NickThen,

I'm not sure how much I can get into specifics due to it being brought up in an NDA conversation, but the 5000s are spec'd high enough to handle 9.0, but they lack the proper hardware compodents to make all the features work/work as suspected. Instead of branching the codebase it's easier for Palo Alto to simply drop any *000 series firewalls than having a 9.0 that can do certain things and one that can't due to platform. 

If you want to get into specifics you'd need to reach out to your SE and have them setup a meeting with the proper folks from Palo Alto, but that may or may not put you under an NDA about the specifics (This was prior to 9.0 being publically released so all talks I was having on the matter were NDA, you might not actually need one anymore?)

L6 Presenter

Re: PAN-OS 9.0 Released - Stop and Think

I think we're only up to like 3 threads asking about implementing 9.0.  Looks like I would have lost the bet.

L7 Applicator

Re: PAN-OS 9.0 Released - Stop and Think

 Looks like this topic has saved people from mischief ;)

 

(If this is true then this could have a negative impact on the first 9.0.x release that becomes recommended ... if fewer people who install 9.0.0 right away run into problems, less support cases will be opened, less problems are known and can be fixed and so it could take longer untill all critical ones will be solved :P   )

L6 Presenter

Re: PAN-OS 9.0 Released - Stop and Think


@vsys_remo wrote:

 Looks like this topic has saved people from mischief ;)

 

(If this is true then this could have a negative impact on the first 9.0.x release that becomes recommended ... if fewer people who install 9.0.0 right away run into problems, less support cases will be opened, less problems are known and can be fixed and so it could take longer untill all critical ones will be solved :P   )


 

Good point...Install away!!  Hit those bugs before I do.  That way when I upgade at 9.0.6+ I don't hit a bug no one has seen yet.

L2 Linker

Re: PAN-OS 9.0 Released - Stop and Think

Yes, I am pretty bummed that my 5050 are not supported, but my 3020 are.

L1 Bithead

Re: PAN-OS 9.0 Released - Stop and Think

Didn't mean to "me too" your post!

 


@BPry wrote:

If you have spare lab equipment I highly recommend signing up to participate in future beta programs going forward; it's a great way to get to mess around with new features and seeing what Palo Alto has on the roadmap. 

 

Do you know off hand how I would sign up for the beta program?

 

Thanks!

Troy

L7 Applicator

Re: PAN-OS 9.0 Released - Stop and Think

@tszafalowicz 

Just ask your SE. He can add you to the beta program or at least forward your request into the right direction.

L3 Networker

Re: PAN-OS 9.0 Released - Stop and Think


@Brandon_Wertz wrote:

 

Good point...Install away!!  Hit those bugs before I do.  That way when I upgade at 9.0.6+ I don't hit a bug no one has seen yet.


I hit a bug in 8.0.15 no one had found yet...

L6 Presenter

Re: PAN-OS 9.0 Released - Stop and Think


@DPoppleton wrote:

@Brandon_Wertz wrote:

 

Good point...Install away!!  Hit those bugs before I do.  That way when I upgade at 9.0.6+ I don't hit a bug no one has seen yet.


I hit a bug in 8.0.15 no one had found yet...


 

We hit an unidentifed bug in 8.0.10 (which won't be back ported into 8.0, but will make it's way into 8.1.X -- super rare hash collision)

We hit a bug in 8.0.14 memory leak...fixed by upgrading to 8.1.6

 

So yeah, truly anything is possible but by-in-large the .5/6 patch is usually when the code base gets stable.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!