nbar

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

nbar

L4 Transporter

Hi,

What is the NBAR equivalents in pa- qos or how does it works in PA

 

Thanks

8 REPLIES 8

L1 Bithead

Not sure if I on the same page but PanOS already recongize the application you just need to configure class and policies. Check this link out it may clear up some questions. 

 

https://live.paloaltonetworks.com/t5/Featured-Articles/Getting-Started-Quality-of-Service/ta-p/68633...

I think what @simsim is looking for is PBR...Policy Based Routing.  (Not to be confused with the beer...I guess Palo calls it Policy Based Forwarding...Under the Policies tab)

 

NBAR is Cisco's term under SDN WAN...Network Based Application Routing.

Hi,

Sorry for the confusion .

I am talking about "Network-Based Application Recognition"-cisco

Thanks

@simsim My company is looking into NBAR and which vendor is the best fit for our needs.  

 

Cisco with DMVPN / SDN WAN / iWAN...Name the most current "jazzed" up acronym and if we can get a similar functionality out of Palo.

 

For us Palo seems easier to use in general, but depending upon what you're looking to do Palo might not be able to do "all" that Cisco offers under SD WAN.  SDN WAN, which leverages NBAR, is really all about application performance (QoS / Latency).  

 

I haven't really seen how Palo can do that...But from a raw function of NBAR...To me it seems Palo "should" easily be able to do that since at it's core the Palo firewall is an application based firewall.

 

If you go to the policy based forwarding areas in the policies tab you can see you can tell Palo to send a specific application down any interface / sub-interface that's configured on the appliance.

 

 

I might be able to tell you how NBAR works in an 850 in the next 4 months...More to come

@Brandon_Wertz- how was your experience with Palo's flavor of NBAR ? 

 

I happened on this thread while looking for NBAR Netflow information.

Sorry @BBoatright my activites got redirected a few months after I posted that.  

 

We ended up not getting 850s, but 5220s.  My plan is to use my 5060s which were replaced by the 5220s.

 

 

So in the next 2 or 3 months I should have my 5060s redeployed and doing what I planned on they do.  Though, I am a bit concerned because when you look at the Policy based forwarding area you can't specify things like "Facebook" or "Office-365."  Palo pushes customers to use EDLs via something like MineMeld to use IP based objects in PBF rules.

 

So I'm not really certain Palo will be able to do NBAR esque features, which seems rather odd for an "application based" firewall.

 

 

Instead I'm likely going to use generic type routing to send a large base of traffic out specific interfaces.

Ugh.

 

Thanks!

  • 3863 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!