Review your PANW Experience


#22

Palo alto firewalls i like because of easy GUI management and its have good database of ids, threat prevention, depth monitoring.

can be consider for high end monuments and management and monitor at depth level.

I dislike one thing in this which is update timers.


#23

Palo alto firewalls i like because of easy GUI management and its have good database of ids, threat prevention, depth monitoring. can be consider for high end monuments and management and monitor at depth level. I dislike one thing in this which is update timers.


#24

PANW devices have reporting feature, audit feature, but on other hand its take time on implementing rules. Ben-fits can be count as PANW can block whatever i want link a chat box on a web page


#25

Its depth monitoring and reporting is best thing… nice


#26

I am new to this forum, so i have a hard time understanding what will Indeni do that the Panormara is not doing for the Palo Alto Networks firewall?


#27

Paul, hi. My name is Peri and I am reviewing the Indeni product in an environment that has Panorama and Firemon. What can Indeni bring to the table that is not already here?

Also, I would like to know how best can I implement this product in our environment?


#28

@Charles_Kim or @Brad_Spilde could also help answer this along with you, @pcarter!


Great question, Peri. :slight_smile:


#29

@kingman112 Peri, Indeni is a very unique tool.

I would say the major advantages of Indeni over just Panorama are:

  1. Unless you have Panorama 8.1 you won’t see any performance based metrics for your firewalls in Panorama
  2. Indeni aims at providing you with information about your environment BEFORE they become a problem.
  3. Many issues you rely on the firewall to alert you about can be too little to late, over alert, etc. They usually don’t provide any context around the problem and don’t offer you suggestions on what to look into for resolution.
  4. With every Indeni alert we include information and links to help you resolve the issue quickly without having to go search on your own for the related knowledge base articles.
  5. With the new backup feature of Indeni, you can pull backups to Indeni so that if your Panorama goes belly up, you still have a 3rd party backup available. Firemon probably is offering this in your environment also I imagine but Indeni is focused on performance, system config, best practice, and health. Panorama is primarily a configuration management tool and Firemon is primarily a compliance and security policy audit tool.

#30

@kingman112, hello. I’d recommend you install Indeni, so you can get a feel for it. It’s easy to do. It has provided useful information quickly (core dump files, dynamic updates not being scheduled for install, etc.) The flexible nature (i.e. scripts) from the company and other users from around the globe allows best practices/metrics to be seeded from multiple places.


#31

Very good GUI interface :wink:


Review your Check Point Experience
#32

GUI Interface, Threat Prevention


#33
  • Most worthy features are- Easier defined guidance steps to love anyone to learn Palo Alto Networks
    on-premise logging/reporting and ACC window
    PAN-NGFW logical control/dataplane design architecture
    any existing network can easily migration
    user-friendly NGFW/Panorama dashboard interface and CLI based on Juniper network
    easily connected with updates.paloaltonetworks for dynamic/software updates
    provides NGFW services as App-ID, Content-ID, user-ID which through inspection/analyze the traffic flow along with various security profiles
    easier panorama mgmt hierarchy solution and insight logs/reporting generation from managed appliances
    wildfire, virtual router, global protect, ssl forward/inbound inspection and much more.

  • Some dislike features are - not supported device based security filtration, dhcp relay agent

  • null

  • Also faced some business problems with PAN-OS firewall - captive portal authentication for end-users, globalprotect SSL VPN

  • real time logging facilities, SaaS application usage reports/custom group reports
    realtime capturing vulnerabilities with enabled SSL Decryption rules
    forwarding suspicious files/email links to wildfire cloud services
    various rules defined on a single policies window
    administrative management and insight logs/reports using panorama
    easier to findout troubleshooting issues and much more…