The only thing I know for certain is that "patches" X.X.X are released every 6 weeks. I'm not certain about the release cycle of new versions (X.) or major revisions/feature releases (X.X) from within a version.
I think the later two are "it depends."
I would avoid 7.0 2 or 3 at all costs. We upgraded and have had nothing but problems. SSL decryption stops working (stops passing traffic). The firewalls have buffer problems and stop passing all traffic. We were a happy PAN customer for 5 years and now I spend my days and nights nursing my Palo Alto firewalls and talking to TAC. 7.0.x is one of the worst versions of code I have seen in my 30+ years in IT.
AVOID, AVOID, AVOID!
I upgraded to 7.0.3 because I had to get 1-2 of the features it provided. luckily I dont use some of the services (yet) that have been really problematic for users. I would have stayed on 6.1.X if I could.
I agree with @john.langford and couldn't have said it better. We are actually going to downgrade a few active/passive firewalls running 7.0.3 to 6.1.8 just to resolve issues with SSL decryption / dataplane memory leak bugs. We experienced them in 7.0.1 as well.
I'm hoping 7.1.x gets a more rigorous QA to avoid these types of issues. Basically in my mind if you want to run SSL Decryption and 7.0.x, it's not if, its just when will your SSL sessions stall or SSL buffers run out before you have to reboot / restart the dataplane. I'm actually surprised that the software posted hasn't been deffered.
Love the product however I am not sure what happened with 7.0.x.
Thes is just the short list of bugs I know and also experienced:
I also agree with you all with the point that I still really like the PaloAlto Products, but there have to be big, really big quality improvements in 7.1 to restore the trust into the product I once had.
We have 37 firewalls (from 5000 to 200 ) managed with Panorama 7.0.3. I love template and device group stacking feature, new ACC look. 15 of them running 7.0.3 the rest is on 6.1.7. I dont see any issues on 7.0.3, but we dont use SSL decryption or GP, any other features works just as it suppose to.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!