@mrbios i dont know if this would be of any interest but we have done a few PaloAlto installs into education over the past six months, i could try and find one of them thats able to speak with you about the solution?
Alternatively, we have Robert Needs, one of our engineers who is fully trained on the Palo solution and has a great knowledge base on the technical side, and Mark Power who is able to talk through all your sales options etc. Hopefully a combo of the two could help answer some questions you may have
I currently have 2 Palo Alto boxes running on my setup. They are the older 2020 models and not the newfangled 3000 or 5000 series. But essentially they all have the same basic settings.
For a firewall it is top notch, allows for a great in depth configuration to allow only what you want in and our of your network as well as allowing certain users, regardless of where they are logging in from, higher or lower access to the internet and/or network. The Anti-Spam thing isn't such a big deal for us as we have a 3rd party doing that for us before the mails even make it to our system.
There are a couple of drawbacks, but from what I have heard this is largely down to A. these lower level boxes we have and B. down to the amount of rules we have setup (203 just on the security rules). The problems I mentioned are very slow commit changes time, can take upwards of 5-10 minutes to apply changes. And some slow navigation of the web GUI, again down to the amount of rules we have.
Although I will be over Christmas doing a tidy up of the rules and removing redundant ones. So hopefully it will pick up.
Lastly, I will just say that it depends on what you want/need the box to do. If you don't need such tight control over your network traffic as well as being able to identify what kind of traffic it is and having that added layer of protection with the Anti-virus and Application threat detection, then you probably don't need a Palo Alto box and you will probably be able to get away with using a Equiinet Cachepilot or something like that.
Excellent firewall, web filtering not as stellar.. doesn't deal with granulated controls of social networks, doesn't support YouTube for schools, etc...
If there is anything i can do to help regarding Palo or if you have any questions please feel free to let me know. We can set-up a tech call with an SE at Palo or look at getting some trial equipment out to you.
If you're already dealing with someone, i apologise for the intrusion :)
Ignore this post. Someone else has posted on my behalf already haha
Would be interested to hear about anyone using their Palo with Bloxx or Smoothwall hanging off it for web filtering, particularly if the filtering runs in transparent proxy mode...
@Soulfish has as PA F/W with Smoothie filtering :)
Originally Posted by gshaw