This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

Expedition 2.0 Features suggestions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Expedition 2.0 Features suggestions

lychiang
L6 Presenter

‎07-06-2020 11:42 AM - edited ‎07-27-2020 09:27 AM

Hi Expedition Live Community users, 

Expedition Developer team is in process of developing Expedition 2.0 and would like to hear your feedback.  Here is a brief overview of the new Expedition 2.0

Expedition 2.0 contains major features in previous version, and added below new features:

  • Brand new Web GUI
  • API enabled
    • Support automated workflows
    • Opportunity to create your own automation Library
    • Provides an automatable interface to Expedition’s configuration capabilities.
  • Enhanced Migration features
  • Automated “invalid object”-related fixes in Migrations
  • Auto validate configuration error and provide Wizard for auto remediation

We would love to hear your feedback on what you would like to see in expedition 2.0 !  Please provide us with feature requests in below format so we can all help make Expedition a better more useful tool to the community!  Thank you!! 

 

Feature Request  Title:

  

Current Use Case:

  

Suggested Idea:

  

Impact on Client(s): ( on scale of 1-5,  5 being the highest)

  

Priority: (on scale of 1-5, 5 being the highest)

  
2 people had this problem.
(2)
10 REPLIES 10

ncalderon
L1 Bithead
In response to swaschkut

‎07-06-2020 02:50 PM

Of course @swaschkut .

1 - It could be great if we can validate the configuration before export it from the Expedition, because when we import the XML file to the PA, sometimes there are a lot of errors, for example: Bad tags, bad data in router module, bad objects in general.

So, if we can validate the XML before export it, we can do these changes in the Expedition and then, validate it again and export it only when we are sure the file will work well in the PA.

 

2 - For Fortigate, for example. The 60% of migration that I do, are from Fortigates with multiples VPNs.

 

Tell if you want more details.

mbowling
L1 Bithead

‎07-07-2020 07:10 AM - edited ‎07-07-2020 07:13 AM

It would be nice to be able to see rule shadowing  in Expedition. I usually take the config into the firewall and do a validate commit to see shadows, and then go back into Expedition to  fix the rules.

 

It would also be helpful if all of the items that can be auto remediated in the BPA were  in a filter so you could fix those things first without searching through all of the BPA results and trying each item.

draynal
L1 Bithead
In response to rheris

‎07-08-2020 12:54 AM

Hi Team,

 

I'm an SE and we have a lot of customer who are looking for :

 

1) VPN Migration for Phase 1 and 2

2) Better Integration in Panorama, it's not very simple to merge multiple firewall into panorama with shared object already existing. Do you think we can have a merge feature ? the goal is to create a project with multiple firewall and 1 panorama. the project will replace all object with the same value and help us to attach the different firewall to the panorama.

3) for the ML we have a created an ELK (docker format) and i will be curious if we can use it with Expedition to have a continious ML without important CSV (limited line) and bypass the syslog feature who have some limit too. for your information we can have some statistic for GP/Threat/System/Traffic with all version ! (for GP we parse the system event before the version 9.1)

FrenchRickyRozay
L0 Member

‎07-08-2020 05:54 AM

Hi Team,

 

If you can add Stormshield firewalls to the list that will be great ! Migration Stormshield>Palo Alto are really bloody hell by translating manually the rules XD

 

Many thanks 

0 Likes Likes

dgildelaig
L5 Sessionator
In response to draynal

‎07-10-2020 01:27 AM

Hi @draynal ,

 

the option 2 is already present in Expedition 1.1.x. Just right click on all the objects and set merge by "name and value" or by name, or the option you find required.

It will calculate even if the resulting merged object should be moved to a higher DG so it offers visibility to all the beneath DGs where the merged objects were in use.

 

Regarding option 3, we already offer support with Splunk, but we have not initiated support for ELK. We will have to check in the future our plans to include more options

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks