A Fall/Autumn Question: What is your favorite Palo Alto Networks feature?

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

A Fall/Autumn Question: What is your favorite Palo Alto Networks feature?

L7 Applicator

A wrap of our summer question leads into fall or autumn, as your preference may be, wherein we ask:


What is your favorite Palo Alto Networks feature?

Did it help solve a problem you were facing?


As a former support engineer, I always like to hear when customers arrive at that a-ha moment of understanding or discovery, when the firewall does something simple and basic, or amazing and extraordinary, but always in time to solve a problem.


I'm looking forward to hearing which feature(s) of the firewall most tickle your fancy. I've got a few of my own... You first.

LIVEcommunity team member
Stay Secure,
Don't forget to Like items if a post is helpful to you!

L1 Bithead

Global Search!  It's so nice to be able to see where objects are configured quickly.


I like the URL filtering category specillay ssl decryption to blocking the evasive applications.

L0 Member

the whole idea about APP-ID, gives you a total overview and visibility on what goes on. both for allowing and denying stuff and troubleshooting.

L2 Linker

show counter global filter packet-filter yes delta yes


This is the best of many great features



L2 Linker



I would say, in short, that my favourite feature is the architecture, the  strength of the security policies. 


On top of that I would say XML-API.





I am almost ready to implement Zone protection in alert mode but I have 1 concern, the syn packets don't seem to really offer just an a alert only a random early drop.randomearly.PNG

L2 Linker

My favorite feature is probably not a feature.  I remember logging in the first time to the PA and was trying to figure out why something wasn't connecting and at the time my knowledge with PA was in its infancy.  I logged on and saw the monitor tab and was able to put in my source and destination IP address and it showed me exactly why the connection was failing.  I was able to apply a fix in minutes that would have taken me longer on our previous system using syslogs.  It was the ah-ha moment for me at that time.  Great technology!!



L1 Bithead

QOS is way under used. 


I have seen it clear up all kinds of audio funk with all kinds of apps simply by using the default classes.  This had an affect even without bandwidth contention.  No DCSP, no TOS.  Just create a couple rules for the touchy apps and set them to Class 1.


If you want to get fancy, combine it with our custom applications (i.e. NCAA) to cap bandwidth on custom apps.  Schedule it so that every 15 minutes the bosses computer gets a trickle, just to mess with him/here.  Allow bittorent at a slow rate as League of legends has that as a dependency, etc.





@jdprovine@BPry, There is an "alert".. just look at what it shows. There are 3 fields.. 

Alert, Activate and Maximum. 


Set the Alert number where you want to alert.. and you will be alerted. 

If the numbers reach the Activate level.. then it will activate. I would recommend that you set that to be the Highest level, along with the Maximum in order to meet your needs.  Hope this helps and makes sense.

LIVEcommunity team member
Stay Secure,
Don't forget to Like items if a post is helpful to you!

L4 Transporter



another area of zone protection looks like the only setting is a drop of traffc,drop.PNG no alert, granted most of this traffic looks like it should be dropped



Thanks, everyone, for your comments and the lively discussion! We'll be sure to pass along your praise for the Palo Alto Networks Next Generation firewall to those who will smile the widest when hearing the news and reviews of this great engineering feat. Back with a wrap-up soon!

LIVEcommunity team member
Stay Secure,
Don't forget to Like items if a post is helpful to you!
  • 25 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!