Palo Alto (PA-200) Initial Thoughts

I got my PA-200 at home last night and played around with it.
To me it feels like the GUI intuition of an ASA and the CLI of JunOS combined into one (best of both worlds).
So granted I turned on all functionality in the lab but that’s running for a total of 4 people so I can’t see load stress tests but it works really well!
Pros I can see right off the bat in the environment:
  • Does URL Filtering (Cost Savings and management savings overhead reduction)
  • USER-ID gives you much more granularity about user utilization
  • APP-ID gives you information about app signatures and security utilization.
  • Spyware/Malware/AV/URL protection at the network level
  • Simple to figure out if you know ASA/JunOS configurations
  • IPS capabilities
  • Simplifying management can give you a great ROI potential
  • Many other features
Concerns are:
  • All in one devices…I have yet to have “good luck” with all in one devices. I’ll be trying to generate a packet flood scenario in the home lab to see what load looks like with all features turned on shortly. It won’t be 100% real world but with the tools I have it’s the closest I can get. I’ll also try to find some lab results accordingly.
I will be setting up a new lab between my ASA, SRX, and PA shortly to do some testing and configuration example during my free time…and of course will be sharing it out to followers accordingly.
Stay tuned!
Facebooktwittergoogle_plusredditpinterestlinkedinmailFacebooktwittergoogle_plusredditpinterestlinkedinmailby feather