I am planning on upgrading the PA 5050 os from 6.1.7 to 7.0.3. I have been reading over the changes and I think it would be beneficial to see examples instead of description of what changes are , anyone have any recommendations
I just want to keep my os current. PA told me to wait for there endorsement before going to 7.03 and I was not aware that 7.04 was coming out. I would probably only go to the OS that was one below the latest and greatest until it is tried and recommended
If you decrypt ssl then better to wait and see if 7.0.4 has any fixes for it in release notes.
Some environments have random issues with 7.0.3
There are some "cool" features in 7.X that I wanted, but nothing business driving.
I've been keeping in close contact with my SE, I suggest you do the same to make sure you get the right info, but from what i can tell 7.0.4 is going to be the "first suggested" version of 7.X as "stable." I'd wait for that, but I'd confirm with your own account SE.
A side note. 7.1 is going to beta soon and the inital info I've seen there have been huge positive operational support additions to SSL/TLS interactions.
I have not found my SE very helpful, I rarely hear anything from him and little to questions I send him. But what I would really like is to be able to look at a box with the changes on it before upgrading to the newest version. I have read the release notes and there are 62 pages to it, granted I don't use panorama so I can skip that stuff. But as always my biggest concern is how is it going to change what I currently have configured and what are the benefits
If you must move to 7.x, I would wait for 7.0.4. We were an early adopter to 7.x and have had quite a few issues with everything from SSL decryption issues to dataplane memory leaks (caused by SSL decyription).
You have two choices in my mind:
1) If you must go to 7.0.x for features, wait until 7.0.4 as it has the SSL decyrption memory leak bug addressed.
2) If you can wait, move to 6.1.8 and wait for 7.1.1+ as there are a bunch of improvements in general from this release of PAN-OS, specifically from what I hear better SSL decryption support.
That's unfortunate about your SE...Mine's been good, especially with practical/applicable internal/NDA kinda stuff.
I've got Panorama on 7.0.2 only with 14 or so FWs from 5060s/3k/200s on version 6.X code. The biggest thing I see is ACC is night and day different (In a positive way.)
There are some default behavorial changes but for the most part it's the same "function" with ACC being the 1 major change. If you used ACC a lot in the past it will take some used to the new format.
Agree with @mlinsemier on going to 7.1.1. Once 7.0.4 has been released I plan on upgrading our enviornment. Then once 7.1.X comes out the TLS support is going to be dramatically improved.
I thought that the new os releases were about every other month according to my software updates but it almost sounds like they are always working on a new revision.
Also when I do contact my SE he tells me to call into support for help.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!