Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Who rated this post

L1 Bithead

Hello Palo Alto Networks Community and Development Team,


as a big Palo Alto fan, I am advocating for an important feature enhancement in Palo Alto firewalls: the integration of NTP server capabilities. This addition would not only elevate the functionality of Palo Alto devices but also address crucial needs in network management and security. Here's a deeper dive into the specific advantages:


  1. Consolidation of Network Services: The integration of NTP server functionality into Palo Alto firewalls would streamline network services. This feature is common in many network devices and its absence in Palo Alto products is noticeable. By adding this, network infrastructure becomes more efficient, reducing both costs and the complexity of managing disparate systems.

  2. Critical for Troubleshooting and Security: Accurate and synchronized time-keeping is fundamental for network security, compliance, and performance analysis. It plays a pivotal role in event correlation, forensic investigations, and complying with regulatory standards. During network issues, having a local NTP server is invaluable for ensuring accurate time-stamping across all devices, which is crucial for effective troubleshooting and analysis. The lack of a local, reliable time source can significantly impede the resolution of network problems, especially in isolated or sensitive environments. And especially in case of problems (whether security, WAN or other) it is often very helpful to have an NTP server running locally.

  3. Essential for Remote or Small Sites: For smaller or remote locations without direct internet access, having a firewall with integrated NTP server capabilities is incredibly beneficial. It negates the need for a dedicated NTP server, simplifying network setup and management while ensuring essential time synchronization services are maintained. Although you offer small firewalls for precisely this purpose, you do not support this function, which is really useful for this purpose.

From a personal standpoint, I consider NTP server functionality as a fundamental protocol and an indispensable feature for any advanced network device. In my experience and judgment, I would assign it a ranking of 'A' - absolutely necessary. There are simply various scenarios in which this function would be very helpful. Especially as many other competitors offer this feature and it really is one of the basic functions. Its inclusion in Palo Alto firewalls would be a significant step forward in meeting the contemporary needs of network infrastructure, enhancing both the utility and security of the networks we manage.

Thank you for considering this enhancement.


Best regards,

Who rated this post