Hi @Shadow ,
- You can install virtual PA firewall for lab and use it without licenses. BUT there are lot of limitation:
- You will have very low limit of concurrent connections and throughput (not big of a deal right)
- You will be limited to 1-2 concurrent GlobalProtect (remote access VPN) users
- You will not be able to enable any of the additional NGFW inspection (IPS, AV, URL, DNS etc, non of that)
- Your FW should still be able to apply application identification and filtering based on application (not layer4 port), but you wouldn't receive automatic updates, so you will need to upload such dynamic update package manually. You can use build, but it is possible that non applications will be identified correctly.
To sum up you should be able to test most (or even all) features of layer4 firewall - VPN (RAS and site-to-site), networking, routing, High-Availability, basic security rules, I believe even user identification (not sure about that)
- If you want to learn more you will definitively need to contact account/sales and request evaluation license - which is valid for 30 days.
- Apart from hands-on-lab you have the option to go over the self-paced training on https://beacon.paloaltonetworks.com/student/catalog/list?category_ids=25389-strata Beacon is Palo Alto learning portal with ton of free online self-paced training. You can search for "Strata" product there - is the "code" name for all firewall related.
... View more