- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
12-18-2013 06:39 AM
Hello,
I guess we've missed the release event of PANOS 6. Sadly we have no overview about the new features and so on...
Do you have some information to share?
01-22-2014 03:55 AM
I have to admit I have installed 6.0 on a couple of lab devices myself, so I can't say I'm not helping finding the bugs.
Hithead - why in the world are you using IE though? Is this some draconian thing at your work? Chrome or Firefox for PA all the way man...
01-22-2014 04:05 AM
IE is our default browser at work... With FF it works.... And the same issue we had with the release of PANOS 5... nothing learned..?!
01-22-2014 02:36 PM
RNC wrote:
PANORAMA 5.1 introduced 64-bit mode VMWARE machine. I believe - based on these forums - that it also improved the way that the log indexing worked, in that it replaced the genindex.sh route that is called every 15 minutes with a python script. At the moment 4.1 and 5.0 management plane slow down every time genindex.sh runs,
I hope you're correct on this one - the biggest complaint I have about 5.x is this slowdown when the genindex.sh process runs (every 5 minutes, not every 15) on the firewall.
I have graphs of the management CPU usage which show it going up and down, up and done, ad-infinitum every 5 minutes.
I'm not rushing out to install 6.0 (too much experience with the QA - or lack of it - on PA's .0 releases), but if 6.0.1 comes out I'll jump into it.
01-22-2014 02:38 PM
ericgearhart wrote:
You guys can go ahead and find the bugs... I'll be waiting about a year until PANOS 6.0.10 is out before we will move anything critical to 6.0
Or maybe we'll wait for 6.1.10... hmm. Decisions decisions.
Hithead I believe you found a bug in the WebUI already didn't you? Self fulfilling prophecy there, no? 🙂
I see I'm not the only one with a healthy scepticism about PA's .0 releases, Eric. 🙂
01-22-2014 04:18 PM
darren.g yep, this whole thread is basically "preaching to the choir" for me
01-22-2014 06:12 PM
I am an early adopter on new releases. Granted we are running a single PA-500, but we are tapping it pretty hard.
It is important to point out that, as far as I can recall, we have yet to run into a "show stopping" bug. Sure, we had some high management CPU, an occasional captive portal issue, etc. but not once has the bug been significant enough to force us to roll back.
I would rather have some occasional funk with new releases than have to deal with the interface of a Watchguard or a Sonicwall.
Just my two cents,
Bob
01-22-2014 06:25 PM
BobW - give it time. Wait till you have two PAs in an HA pair bouncing back and forth with dataplane restarts, or specific VoIP traffic triggering dataplane restarts once an hour, or specific instances where the PA built in DHCP server doesn't work.
Or I'm completely wrong and PA ironed out all their QA issues and 6.0 will be a solid release out the gate. I'm waiting and seeing though.
01-23-2014 12:08 AM
I don't want to insult PaloAlto but I cannot understand why they have so many problems with software releases. I have no idea how they develop and test their software but my suggestion is: Do it right the first time. To get and be market leader as firewall producer is it not a good way to release bug infected versions...
Also the way to create a ticket, get support and waiting for the bug fix takes me to long time... More then 1-2 months.
01-23-2014 05:40 AM
Hithead - honestly I think the company presses forward with new features too quickly. It's the classic "engineering versus sales" argument... engineering wants things to slow down and stable off, sales wants new features that they can sell.
GlobalProtect hasn't even stabled off yet and they're adding a mobile device management solution integrated into the firewall for example.
I understand that features sell product, and sales drive profit, and if Palo Alto Networks isn't selling then they can quickly be bankrupt, but honestly I think they need to put the brakes on some. But what do I know, I'm basically just another engineer 🙂
05-24-2014 02:03 PM
I couldn't agree more. I have never been hit by so many bugs with any vendor than Palo Alto.
05-27-2014 06:39 AM
we had to downgrade in 3 places because of 6.0.x different bugs.Also there was no time for troubleshooting the bug.
05-27-2014 06:41 AM
could you please tell us the bugs?
05-27-2014 08:28 AM
Since 4.x code, we have been hit by multiple ssl decrypt failure bugs, 100% management CPU bug, etc. We currently have a ticket open for an NTLM authentication bug on 6.0 code as well as another ticket for high useridd CPU usage on 6.0. Both are with their development team at this time.
06-02-2014 05:31 PM
rbergen wrote:
100% management CPU bug, etc.
Yeah, and PA's answer to that one is 'upgrade your hardware' if you're unfortunate enough to run a 2000 series.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!