- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
08-28-2011 10:20 AM
Hi all,
reading the test report I noticed just a couple of things for which I'm totally agree (unfortunately). Are things that should be a MUST to really compete with the other important vendors.
1. "File blocking lets you identify certain file types that can then be blocked for either upload or download or both. We found that the file blocking was easily fooled. For example, putting a file into a zip archive effectively hide the file type, as did changing the first few bytes of the file (by adding blank lines) and, in one case, changing the filename — which we didn't expect to work. Data filtering, a type of data leak protection, successfully let us search for strings and wildcards in various applications flying by, but really isn't powerful enough to qualify as a data leak protection solution."
Not good, really.
2. "To test intrusion prevention, we fed the PA-5060 a live Internet feed of approximately 40Mbps for several weeks and watched what it told us. As with most IPS-in-a-firewall products, the PA-5060 doesn't match the flexibility and power of dedicated IPS products.
One critical and valuable feature of the PA-5060 GUI is the ability to go directly from a log entry to the exception list with just a few clicks, and without losing your place. This lets you handle false positives quickly and get back to the difficult work of interpreting IPS events."
I have been telling this for a year, that IPS features need a massive improvment, in terms of flexibility and functionality. Actually, only the engine is good. All other aspects are a nightmare to manage and show to prospect during a competitive analysis: it's too hard convince a customer that PAN IPS is better then others, simply because is not totally true, a part the engine. 😞
Do you have any important update in roadmap?
Thanks a lot! 😉
11-08-2011 09:04 PM
You do have some valid points. For any of these types of issues or questions please contact your local Palo Alto Networks Sales Representative.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!