Tune your PAN Firewall for effective security!

A production deployment of a security solution must balance effective security with operational metrics - stability, uptime, and a seamless experience for end-users. Production environments deal with real-world traffic where the primary focus is on policy enforcement, integration with existing network stacks, and maintaining a high quality of experience for actual employees and customers.Every enterprise should maintain a security posture suitable to their tolerances for network performance and security metrics. However, evaluation of a firewall with test traffic fundamentally differs from production deployment, as test traffic is usually designed to push the device to its limits in a controlled lab. Testers use "synthetic" traffic generators to simulate extreme test conditions - such as maximum concurrent sessions, packets per second, and deep packet inspection (DPI) under heavy load. 

Palo Alto Networks Firewalls provides immense flexibility with detailed configurations including file traffic scans based on policy, type and size. During an evaluation of a firewall using test traffic, it is recommended to enable features and tune the firewall appropriately (including file types and file sizes), in a way that the relevant samples are sent for analysis.

For a detailed list of files supported by Palo Alto Networks WildFire, refer to Supported File Types (Complete List). Below is a snapshot of the default and maximum file size limits as of PAN-OS 11.x

WildFire File Type and Size Configuration (PAN-OS 11.x)

Note: Please note that file types and file size limits are enhanced with every release. 

Refer to Increased WildFire File Forwarding Capacity to understand how to configure file forwarding on Palo Alto Networks Firewalls.  For your production deployments, please consult a Palo Alto networks sales representative or your partner for best practices that fits your deployment.