Looking for some advice on Licenses

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Looking for some advice on Licenses

L2 Linker

Hello All,

this is just a question to see the best approach, bear in mind this is not a tech question. OK in advance apologies for the next line.

Our company is a gold partner for Cisco. However, we also support Palo Alto. I am a consultant for PA and noticed there are few products of which I do not have knowledge. As a partner, we could sell those to clients. however, I need to have product knowledge. the best solution would be to lab them and get the relevant expertise.

 

So, my question is. Do we need to go through our pre-sales to apply for a trial license, or is there any other way?

I want to test some PanOS, boy I was surprised to see so many variations in there. majority of the features wi=ould be the same.

but the differences are the things I would like to learn,

 

in case the EA or SA or even presales approach me,I would be able to respond with a "yes".

 

sorry for the long essay though

thank in advance

 

 

 

 

1 accepted solution

Accepted Solutions

Hi @Shadow ,

- You can install virtual PA firewall for lab and use it without licenses. BUT there are lot of limitation:

   - You will have very low limit of concurrent connections and throughput (not big of a deal right)

   - You will be limited to 1-2 concurrent GlobalProtect (remote access VPN) users

   - You will not be able to enable any of the additional NGFW inspection (IPS, AV, URL, DNS etc, non of that)

   - Your FW should still be able to apply application identification and filtering based on application (not layer4 port), but you wouldn't receive automatic updates, so you will need to upload such dynamic update package manually. You can use build, but it is possible that non applications will be identified correctly.

To sum up you should be able to test most (or even all) features of layer4 firewall - VPN (RAS and site-to-site), networking, routing, High-Availability, basic security rules, I believe even user identification (not sure about that)

 

- If you want to learn more you will definitively need to contact account/sales and request evaluation license - which is valid for 30 days.

- Apart from hands-on-lab you have the option to go over the self-paced training on https://beacon.paloaltonetworks.com/student/catalog/list?category_ids=25389-strata Beacon is Palo Alto learning portal with ton of free online self-paced training. You can search for "Strata" product there - is the "code" name for all firewall related.

 

 

View solution in original post

2 REPLIES 2

Hi @Shadow ,

- You can install virtual PA firewall for lab and use it without licenses. BUT there are lot of limitation:

   - You will have very low limit of concurrent connections and throughput (not big of a deal right)

   - You will be limited to 1-2 concurrent GlobalProtect (remote access VPN) users

   - You will not be able to enable any of the additional NGFW inspection (IPS, AV, URL, DNS etc, non of that)

   - Your FW should still be able to apply application identification and filtering based on application (not layer4 port), but you wouldn't receive automatic updates, so you will need to upload such dynamic update package manually. You can use build, but it is possible that non applications will be identified correctly.

To sum up you should be able to test most (or even all) features of layer4 firewall - VPN (RAS and site-to-site), networking, routing, High-Availability, basic security rules, I believe even user identification (not sure about that)

 

- If you want to learn more you will definitively need to contact account/sales and request evaluation license - which is valid for 30 days.

- Apart from hands-on-lab you have the option to go over the self-paced training on https://beacon.paloaltonetworks.com/student/catalog/list?category_ids=25389-strata Beacon is Palo Alto learning portal with ton of free online self-paced training. You can search for "Strata" product there - is the "code" name for all firewall related.

 

 

Hello Astardzhiev,

 

thank you for the response. I will certainly look into the Beacon training. however, for the license (trial), od I need to go through our pre-sales guys or from the PA. there was a post on live PA about it and with an email, sish, I didn't bookmark it

  • 1 accepted solution
  • 1533 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!