PANOS 6

Reply
L4 Transporter

Re: PANOS 6

I am an early adopter on new releases.  Granted we are running a single PA-500, but we are tapping it pretty hard.

It is important to point out that, as far as I can recall, we have yet to run into a "show stopping" bug.  Sure, we had some high management CPU, an occasional captive portal issue, etc.  but not once has the bug been significant enough to force us to roll back.

I would rather have some occasional funk with new releases than have to deal with the interface of a Watchguard or a Sonicwall.

Just my two cents,

Bob

L4 Transporter

Re: PANOS 6

BobW - give it time. Wait till you have two PAs in an HA pair bouncing back and forth with dataplane restarts, or specific VoIP traffic triggering dataplane restarts once an hour, or specific instances where the PA built in DHCP server doesn't work.

Or I'm completely wrong and PA ironed out all their QA issues and 6.0 will be a solid release out the gate. I'm waiting and seeing though.

L4 Transporter

Re: PANOS 6

I don't want to insult PaloAlto but I cannot understand why they have so many problems with software releases. I have no idea how they develop and test their software but my suggestion is: Do it right the first time. To get and be market leader as firewall producer is it not a good way to release bug infected versions...

Also the way to create a ticket, get support and waiting for the bug fix takes me to long time... More then 1-2 months.

L4 Transporter

Re: PANOS 6

Hithead - honestly I think the company presses forward with new features too quickly. It's the classic "engineering versus sales" argument... engineering wants things to slow down and stable off, sales wants new features that they can sell.

GlobalProtect hasn't even stabled off yet and they're adding a mobile device management solution integrated into the firewall for example.

I understand that features sell product, and sales drive profit, and if Palo Alto Networks isn't selling then they can quickly be bankrupt, but honestly I think they need to put the brakes on some. But what do I know, I'm basically just another engineer :-)

L1 Bithead

Re: PANOS 6

I couldn't agree more. I have never been hit by so many bugs with any vendor than Palo Alto.

L6 Presenter

Re: PANOS 6

we had to downgrade in 3 places because of 6.0.x different bugs.Also there was no time for troubleshooting the bug.

L4 Transporter

Re: PANOS 6

could you please tell us the bugs?

L1 Bithead

Re: PANOS 6

Since 4.x code, we have been hit by multiple ssl decrypt failure bugs, 100% management CPU bug, etc. We currently have a ticket open for an NTLM authentication bug on 6.0 code as well as another ticket for high useridd CPU usage on 6.0. Both are with their development team at this time.

L4 Transporter

Re: PANOS 6

rbergen wrote:

100% management CPU bug, etc.

Yeah, and PA's answer to that one is 'upgrade your hardware' if you're unfortunate enough to run a 2000 series.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!