Hi, will like to understand the oppinion from the PAN community about the features that are still missing or needs to be improved.
Will appreciate if you can specify by functionality like :
Must Have : A,B,C
Nice to Have : D,E,F
B. Ability to quarantine malicious or infected devices/computers for a given period of time e.g. TippingPoint which blocks access.
When the time duration has expired access is granted until another threat is triggered.
(For DHCP clients the IP address can change to another device that is clean.)
This forces users with infected systems to call the HelpDesk for assistance.
Blocking access only on malicious activity does not resolve the root cause on a protected LAN.
gfowler: we feed our PAs into a SIEM via syslog and it works wonderfully... I almost never have to log in to the appliance itself for the usual day to day log review.
On the cheaper side, you could have your PA feed into something like rsyslog or Splunk (up to 500 megs a day is free with Splunk!) and review logs that way
Better Quality Assurance
It is honestly insane how many bug report tickets we have filed with PA for their devices... it seems like every time we go to take advantage of one of Palo Alto's many firewall features we are bitten by some bug or another. I like PA, I like the product line, I like the approach the company is taking, heck I like the smaller company atmosphere that seems to prevail there, but please for the love of packets improve your QA process! Test all the features in the product! Test all the features when every major release comes out!
And please test and improve GlobalProtect until it is to the point where it is rock solid!
Anyways, that's my .02 cents
Palo Alto really should create an upgrade kit for the PA-500's.
The amount of time that a commit takes to be processed is just ridiculous at this point. We've had commits take upwards of 5 minutes at some points.
This is not good when you need to suddenly make a change to revert a commit or tweak something.
Just put together a kit with some SSD storage, and more RAM and all would be well. There have been plenty of threads on the slowness of the PA-500's, and while PA themselves admit it's because it's older hardware, they haven't really done much to rectify that.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!