What is still missing or needs to be improved in PA Next Generation Firewalls ?

cancel
Showing results for 
Search instead for 
Did you mean: 

What is still missing or needs to be improved in PA Next Generation Firewalls ?

L1 Bithead

Hi, will like to understand the oppinion from the PAN community about the features that are still missing or needs to be improved.

Will appreciate if you can specify by functionality like :

FIREWALL

Must Have : A,B,C

Nice to Have : D,E,F

Thks

Mario

67 REPLIES 67

gfowler Also it appears that another fast open source log management project, ELSA (Enterprise Search and Log Archive), has support for PA as well.

egearhart wrote:

darren.g  Java and Javascript are two different things, just want to point that out. Although trusting a browser client's Javascript interpreter to verify firewall policy is a rather cray idea, I agree.

Java/Javascript - they're both prone to security holes (albeit of different types), and I wouldn't trust any device which offloads processing to either option for security.

On the other hand this is already happening today since you use a webbrowser to configure the security rules in the PA.

The same malware that could screw up clientbased compile could at the same time hide rules from being seen in your browser - rules that opens a hole through your firewall for the malware to act upon.

L4 Transporter

- Ability to deploy and update User-ID Agent from the Firewall UI/Panorama. This would make life much easier in large environments

- Abilty to run scheduled commands (cron ?), such as a system reboot directly on the Firewall

- Ability to run local backups on the FW and export via ftp/tftp/scp/smb (this is an old one...)

- Improve FW UI in a way  to allow creation of Rule Sections. Now the rulebase is quickly becoming very confusing. Look at the Migration Tool, that's how It's done (Thanks Albert 🙂

- Ability to analyze MS Office files and pdf's in Wildfire

- Integrated WAN acceleration Technology would be a killer 🙂

I agree 100% with this one:

- Improve FW UI in a way  to allow creation of Rule Sections. Now the rulebase is quickly becoming very confusing. Look at the Migration Tool, that's how It's done (Thanks Albert 🙂

Would be nice if some official from PA could summarize this thread and comment on each and every suggestion what is in the pipe, what will be in the pipe and what will be discarded due to hardware/political limitations.

L0 Member

Let´s Encrypt integration in PANOS and PANORAMA would be very helpful.

As an Example for the global protect portal and gateway function or ssl inspection functions.

cheers

Andy

L4 Transporter

I'll crawl the intranet we use for feature requests. I will try to crawl and relay PM response on these, and if not create some NGFW 

Help the community! Add tags & mark solutions please.
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!