Expedition Supported 3rd Party Vendor Matrix

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
L6 Presenter
100% helpful (6/6)

Expedition supports migration sections of the below Vendor's configuration to PAN-OS configuration

**The list of tested Vendor OS version, version not listed here needs further validations

*** The UserID CN chain is extracted from the original configuration and integrated into the migrated security rule. However, the device configuration must be manually performed on the device itself.

 

Table1: Expedition supports converting 3rd Party vendors config sections (Updated on 2024/01/01)

Note: Table will be updated when new support added

 

Vendor

Supported Vendor OS**

Global Address Object

Address Objects

Address Group Objects

Service Objects

Service Group Objects

User ID

Security Policy

NAT Policy

Network Interface (L3 only)

Routing(Static Routes Only)

VPN

Checkpoint

R75,R77

✔ 

***

 
 

> R80

✔ 

***

 

Cisco

ASA 9.0, 9.1,9.6,8.2,8.4,

 

 

FirePower [only in ASA syntax]

 

 

Fortinet

Fortigate 4.0, 5.0,6.0

 

 

IBM XGS

5.1

 

 

 

Juniper

All Netscreen Firewalls (ScreenOS)

 

 
 

Junos 11.4, 12.1, 12.3

 

 

Forcepoint

Sidewinder

 

 

 

 
 

Stonesoft

 

 

 
Rate this article:
(2)
Comments
L0 Member

When will Expedition 2.x be available? 

L0 Member

Is that April of 2022?

L6 Presenter

Yes

 

L0 Member

Hi,

In my memories, there are some migration guide for these 3rd party devices, but I can't find it now.

Is there anyone have the link?
What I had downloaded before is "Forcepoint Sidewinder Migration Guide.pdf"

Thanks.

L0 Member

Hello

 

What About Stormshield ? Is there a way to use Expedition OR to use another tool/method to convert for SShield to PA ?

L0 Member

For Stormshield you can export the rules and objects in CSV and then use Expedtion to import these CSVs and build your configuration.

L1 Bithead

Hi,

 

How about Sonicwall firewalls? Is there chance to use Expedition tool to convert Sonicwall config?

 

Thanks,

Misi

L6 Presenter

Hi @mkukucska Yes, it is in the roadmap of Expedition 2.x 

L1 Bithead

And when can we expect Expedition 2.x to be released?

L0 Member

Hello!

Any plans on including Watchguard Firebox in the Expedition tool?

 

Thanks!

L4 Transporter

Hi @ghughes 

Sorry but we do not have plans to add more supported 3rd party vendors to our list of parsers.

In case you need to execute a migration from a non-supported vendor (or even supported one at a big scale) I will encourage you to contact to your sales account contact for PS Migration Factory engagement. 
Hope this helps,

Best,

David

L0 Member

Can the Expedition tool offer a shortcut to importing a PA-850 PAN-OS v8.1 to a PA-3410 PAN-OS v10.1?
Kind Regards,
Dan

L4 Transporter

Hi @iccnetmgr 

 

Expedition tool is intended to help on migrations from 3rd party vendors and also to optimise the security posture on a PANOS device.

 

The migration you are describing could be done using PANOS features as export and import from old to new devices (you may need to update networking information and VPN configuration). 

Once you have your configuration pushed to your new device you can download it to Expedition and do some optimisation like removing duplicates and merging similar policies among other features Expedition can help.

 

For assistance on the PANOS upgrade I will suggest you contact the TAC team so they can provide you more information and guides.

 

Hope this helps,

 

David

 

 

  • 20823 Views
  • 13 comments
  • 10 Likes
Register or Sign-in
Article Dashboard
Version history
Last Updated:
‎02-01-2024 04:19 AM
Updated by: