New Job

[wintermute000]

That, and next to no next-gen features. Chaining an actual NFGW in-line doesn't count... that's two firewalls. LOL

I won't even mention zoning.... at least they can do BGP and routed VPNs now, allegedly LOL

Back on topic though, please for the love of all that is holy, remember your roots and remember that security is supposed to make things happen securely, NOT just secure things.
Something that can't connect to anything is 100% secure after all.


That, and if anyone proposes to stick a default gateway on a firewall, burn it with fire. Esp if they are trying to shove it into a leaf-spine fabric.

[dlots]

GRATZ!!

That, and they are horrible firewalls to work with on the CLI.

Still better than working with them on the GUI :-P

[SimonV]

I've corrected my original post

[LynK]

CONGRATS MAN!

Let me give you a few caveats I have found with PAN products so far:

1) Their sub-interfaces do not have separate MAC addresses (BIG ISSUE... really stupid)

2) They cannot support DHCP to DHCP IPSEC VPN

3) Cannot do http redirects (not really a big surprise here)

[icecream-guy]

so far going well, still working on my access and lots of training, maybe next week i'll even get to do some real work. Mostly working with non-X ASA's in a LAN setting. providing different groups with LAN access to different services, seems like a good place, busy, with lots of nice people, commute is minimally worse and I do get to sleep in a bit later. don't know what the commute will be like when school starts back up.