- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
04-07-2018 02:00 PM - last edited on 10-07-2020 08:08 AM by BPry
Hi community
In a lot of topics there are discussions and questions about PAN-OS enhancements and missing (not yet implemented) features. So far the PaloAlto Feature Request list isn't available to the public but in a lot of these existing topics feature request IDs (FR ID) are mentionned. Even knowing that PAN-OS is already a feature rich firewall operating system, there is always room for improvement, so I thought it might be helpful for others (and myself) to collect these existing public available FR IDs and summarize them in one topic.
ID | Description | Additional Information/Workaround | Implemented in |
130 | Filter Logs by Adress Groups | - | - |
204 | Automatic rollback to last "good" configuration | - | - |
241 | SMTP authentication in Email server profile | - | - |
339 | Add negate function to all security policy columns | ||
776 | increase custom report limit beyound Top 500 | Also in FR ID 1636 and 1693 | - |
889 | Mac Address as match criteria in security policy | - | - |
913 | Preview response pages directly in the WebUI without having to download them | - | - |
919 | Support for ICAP (Internet Content Adaption Protocol) | - | - |
986 | Custom Reports for System logs | - | - |
1172 | Ignore usergroup from User-ID | - | - |
1225 | Participation of PA firewalls in Spannin Tree | - | - |
1370 | URL column length limit in Reports | - | - |
1696 | Include Interface IP in SNMP MIB | - | - |
2153 | Terminal Server Agent for Linux | - | - |
2287 | Different ACLs for https, snmp, ... | - | - |
2666 | VRRP Support for clusters between PA and other devices | - | - |
2924 | Optain Global Protect IP from DHCP Server | - | - |
3051 | User Activity Report Enhancement (detailed web-browsing statistics including time spent) | - | - |
3060 | DHCPv6 client support | - | - |
3495 | Custom reports for system Logs | - | - |
3591 | /31 subnetmask support for HA1 link | - | - |
4035 | Dedicated Log category for Global Protect | - | - |
4443 | Support for USB modems (3G/4G/5G ...) | - | - |
4454 | gray out policies with expired schedules | - | - |
4507 | Show current interface bandwidth in a dashboard widget and log over time. | - | Not a dashboard widget but throughbut statistics and other device health metrics are implemented in PAN-OS 8.1 |
4603 | Concurrent GP VPN session limit per User | - | - |
4669 | Generate system log upon schedule end | - | - |
4670 | Proactive notification for policies with soon expiring scheduled | - | - |
4788 | Block emails based on domains in "to", "cc" or "bcc", also log these in addition to only "to" and reply with smtp 541 when blocked | - | - |
4920 | Display SFP, SFP+ and QSFP serial number | - | - |
5000 | SCEP Server integrated in the firewall | - | - |
5078 | per-IP Traffic shaping | - | - |
5357 | Global Protect Agent Uninstall Password | - | - |
5612 | Automatically disable and remove policies with expired schedules | - | - |
5678 | Log the TLS version of websites and enable reporting about this | - | - |
5686 | DHCP Client Class-ID Setting | - | - |
5844 | BGP SNMP monitorings | - | - |
6186 | Log and report search keywords | - | - |
6548 | Customizable SMTP Response for Vulnerability Protection | - | - |
6609 | Add "Threat Email" to email subject when something malicious was detected and also log "cc" and "bcc" | - | - |
7365 | DHCPv6 Server support | - | - |
7654 | Support of DIPP with non-strict recognition by devices (Cisco ASA like) | - | - |
7832 | User-ID for Azure-AD authenticated users | - | - |
9113 | Integrated addressobjects for well-known cloud services | - | - |
9195 | OCSP stapling support for inbound decryption | - | - |
9285 | Custom configrable MFA integration | - | - |
9509 | DoH (DNS over HTTPS)/DoT (DNS over TLS) Support for DNS Sinkhole Feature | - | - |
9522 | App-ID for DoH (DNS over HTTPS) / DoT (DNS over TLS) | Custom App-ID for DoH | - |
9563 | Configurable Time when Global Protect Captive Portal Notification should be shown | Captive Portal Notification Delay | GlobalProtect 4.1 |
9958 | Azure Information Protection (AIP) Tag support for Data Filtering | Release Notes Content Version 8129 | PAN-OS 8.0 starting with Content Update 8129 |
10173 | Automatically open browser when Global Protects a Captive Portal and opens a configurable website | Automatically Launch Webpage in Default Browser Upon Captive Portal Detection | Global Protect 5.0.4 starting with Content Update 8181 |
10931 | use logd disk space (33%) for elasric search in Panorama | Panorama disk space allocation | - |
11012 | Windows Server 2019 Support for User-ID Agent | - | User-ID Agent/PAN-OS 9.0.2 |
11153 | Completely remove Global Protect 4.0 Design out of Global Protect 5+ | - | - |
11211 | Forced Global Protect network rediscover after IP change | - | - |
11251 | Panorama High Availability: MFA using SAML (Okta) | - | - |
11524 | Use FIB for route monitoring instead of gateway of the route itself | - | - |
11763 | Include the username in the csv with the URL logs when running a user activity report | Download thelogs directly from the URL logs | - |
11764 | Allow for more "User Activity Report" customization - pie charts, different bar charts, color, tables, etc. | - | - |
11765 | WebUI Color/Theme changes (Dark mode) | already possible with some browser extensions (or maybe even directly in the browser) by modifying the css | - |
12264 | Reporting based on HIP match failures, specially which failed items | - | - |
12783 | Log E-Mail links forwarded to Wildfire | - | - |
13046 | Support gMSA accounts for User-IP-Mappings | - | - |
13414 | Negate source User | - | - |
15246 | Import/Export ACC and Dashboard Widgets. | - | - |
So far I found a few and I'll try to update this topic regularly. If you also know about existing requests, please write them here.
Regards,
Remo