Needing all help possible to upgrade our lab from PA-500 to VM-100s

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Needing all help possible to upgrade our lab from PA-500 to VM-100s

L1 Bithead

Good morning,

I am John Hauser, a trainer for Fishnet Security, and I have been tasked with upgrading our lab environment from our old PA-500 hardware units to the VM-100 FWs.  I have very little VM experience both on the initial setup of the VM side and then also what modifications will have to be made to labs to make them work.  I have heard many comments in some of the TTT sessions that I have attended stating that are many tricks to be learned along the way.  If any one would be willing to help me get started with documentation, the lessons that you have learned, and so on, I would greatly appreciate it.  I have the one document that Blair pointed me to, but need much.  Has anyone tried to mix PA-500s and VM-100 together for a lab or are the labs so changed that it doesn't work.  I am really green at this new VM stuff. 

Thanks for any and all help offered,

John Hauser

john.hauser@fishnetsecurity.com

913-206-1255

6 REPLIES 6

L4 Transporter

L7 Applicator

I think a lot depends on what you are using the lab for on how well this works as a mixed environment.

Building out lots of simple functions is great for a VM deploy.  As long as you have enough vlans available to trunk into the VM host to provide the required separation for all the nodes.

The major drawback to the VM series is the feature parity.  As long as you don't need to lab up the HA or other unsupported features all should work well.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

Steven,

What functions beyond HA have you found the VM-100 don't work for the PA lab guide?

I am just getting started on both sides of this issue.

Thanks,

Other features I remember missing were Jumbo frames and LAGs.  I haven't looked at the docs in a while, but at the time there was no single list of feature limitations.  I had to cull them from the text in the deployment scenarios.

I don't do the courseware, but create labs for configuration testing.  So I'm not sure how this would map to the classes.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

The VMs missing Jumbo Frames is ridiculously silly in my opinion.

I can understand HA and LAGs as one can us the hypervisor to facilitate that mostly.. but Jumbo Frames would be great to implement.

Agreed, the other silly decision on a VM is to not support v-motion.  This is a pretty basic data center feature and makes getting a deployment approved by the VM team very difficult for production usage.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
  • 3472 Views
  • 6 replies
  • 0 Likes
  • 101 Subscriptions
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!