Agree, and have had a similar experience. Deployed Traps into an Exchange 2016 environment and have had no issues so far however we did hash and verdict all of the executables on the exchange servers before we activated Traps. No surprises! If anyone needs to do this, I found these docs helpful: Running SigCheck: https://www.paloaltonetworks.com/documentation/34/endpoint/endpoint-admin-guide/manage-traps-in-a-vdi-environment/configure-the-master-policy/prerequisites-for-configuring-the-master-policy Uploading Hashes to Wildfire / Receiving Verdicts: https://www.paloaltonetworks.com/documentation/34/endpoint/endpoint-admin-guide/manage-traps-in-a-vdi-environment/configure-the-master-policy/use-the-traps-vdi-tool-to-configure-the-master-policy Note: if you're not configuring a VDI image you can skip the steps about marking the image as VDI, etc.
... View more