I was assigned to work on a project with involves working with Palo Alto appliances a lot. I have never touched such a firewall before, so I am planning to get two (or more) devices for my home lab and experimental use.
Do you think the PA-2050 model would be suitable to get me started and possibly help me get certified?
Thanks a lot.
Hi @IvanSpasov ,
While a PA-2050 will definitely help you get familiar with the product I would recommend a more recent model if you have access to it.
Note that the end-of-sale date for the PA-2000 series is from April 30, 2015 ... well over 4 years ago !
This model will go out of support in April 2020 which isn't that far away anymore.
Also, the latest supported OS version on this model is PAN-OS 7.1 which will be end-of-life in March 2020.
You will be missing out on PAN-OS 8.1 and 9.0 features (I'm not mentioning PAN-OS 8.0 because this one will be end-of-life in October 2019).
Some info on EoL:
The 2000 series firewall is end of sale so I would not bother with it. It will not be able to run PANOS 9.0.
To be able to use the advanced features you will need to have a device with active licences and I doubt that anything you get hold of from ebay or anyware else will be licenced.
My suggestions would be.
1. If your company has a support account then get yourself added as you will be able to use the learning center which hase a good amount of online training reasources. I think you can also sign up for a research account without any devices under active support.
2. If your company has a relationship with a Palo Alto account manager (or a decent reseller) then you can request evaluation licences for virtual firewalls and Panorama. This will normally give you 30 days with all features licenced.
3. If you want a hardware device for your lab then buy a PA220 with all of the licences. It is the smallest device but still capable of nearly all of the features and will certinally be good enough for your learning.
Hope this helps.
@IvanSpasov my recommendation is not to spend money on hardware, because the virtual appliences run the same PanOS, with only small interface-related differences. PA-2xxx will not support the latest PanOS 8.1 and 9.0 and you will also have some limitations of not having subscription licenses. Any other licensed physical applience will be quite expensive and unless your company pays for it, there is no point in spending that much.
My recommendation for basic learing is to download VM image from the support portal (as long as your company has valid support contract). While being unlicensed will have a few limitation, it will be good to familiarise with interface and some basic practice.
To try the licensed features you can can get virutal applience in AWS or Azure. You pay only for the time you use and as long as you remember to shut it down after you finish with it, it will not cost too much.
I would say get a PA-220 for your home to play with it. Also get one for the office and see how it works there as well. For slightly less than $500 each, they are worth it.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!