{"id":592,"date":"2014-06-02T17:55:31","date_gmt":"2014-06-02T22:55:31","guid":{"rendered":"http:\/\/www.webadminblog.com\/?p=592"},"modified":"2014-06-02T17:55:31","modified_gmt":"2014-06-02T22:55:31","slug":"my-first-experiences-with-a-palo-alto-firewall","status":"publish","type":"post","link":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/","title":{"rendered":"My First Experiences with a Palo Alto Firewall"},"content":{"rendered":"<p>I&#8217;ve been following <a href=\"https:\/\/paloaltonetworks.com\/\" target=\"_blank\">Palo Alto<\/a> as a networking company for a couple of years now.\u00a0 Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls.\u00a0 Take the HTTP protocol for example.\u00a0 HTTP typically runs as a service on port 80, but does that mean that everything running on port 80 is HTTP?\u00a0 As an attacker looking for a way to funnel data out of your organization, why not use the standard HTTP port to send data, since I know you leave it wide open in order for your employees to surf the web.\u00a0 There&#8217;s nothing to say that I actually have to be running an HTTP server on the other end and there&#8217;s nothing on my classic firewall to tell any differently.\u00a0 At first, I was admittedly a bit skeptical.\u00a0 I didn&#8217;t think that you could really tell enough about different applications on the web to be able to separate them out like Palo Alto claims to.\u00a0 Fortunately, Palo Alto reached out to me and provided me with a brand new <a href=\"https:\/\/paloaltonetworks.com\/products\/platforms\/firewalls\/pa-200\/overview.html\" target=\"_blank\">PA-200<\/a> in an attempt to change my mind.<\/p>\n<p>When the PA-200 arrived, it came with everything that I would need to get it up and running.\u00a0 That includes the unit itself, a power supply, a D89 to RJ45 console cable, an ethernet cable, and some instructions and warranty information.<\/p>\n<p><a href=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/20140521_175741.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-593\" src=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/20140521_175741-300x225.jpg\" alt=\"20140521_175741\" width=\"300\" height=\"225\" srcset=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/20140521_175741-300x225.jpg 300w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/20140521_175741-1024x768.jpg 1024w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>On the front of the unit is four ethernet ports for your devices, a management port, a USB port, a console port, and several status indicator LEDs.<\/p>\n<p><a href=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/20140521_175845-2.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-594\" src=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/20140521_175845-2-300x225.jpg\" alt=\"20140521_175845-2\" width=\"300\" height=\"225\" srcset=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/20140521_175845-2-300x225.jpg 300w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/20140521_175845-2-1024x768.jpg 1024w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>By default, the appliance is configured with ethernet ports 1 and 2 paired as a WAN to LAN link as this is the configuration that the majority of the people who buy it will likely use it for.\u00a0 That said, by following the instructions to connect your computer up to the management port, you can quickly access the user interface that allows you to change this assignment.<\/p>\n<p><a href=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.34.16-PM.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-595\" src=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.34.16-PM-300x67.png\" alt=\"Ethernet Configuration\" width=\"300\" height=\"67\" srcset=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.34.16-PM-300x67.png 300w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.34.16-PM-1024x228.png 1024w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.34.16-PM.png 1978w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>This shows the ethernet 1 and 2 interfaces as both being a &#8220;virtual wire&#8221; and here we can see the virtual wire that connects the two.<\/p>\n<p><a href=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.37.27-PM.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-596\" src=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.37.27-PM-300x15.png\" alt=\"Virtual Wire\" width=\"300\" height=\"15\" srcset=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.37.27-PM-300x15.png 300w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.37.27-PM-1024x52.png 1024w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>From here, we can take a look at the &#8220;zones&#8221; and see that our two interfaces have been defined as an untrusted (ethernet 1) and trusted (ethernet 2) zone.<\/p>\n<p><a href=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.38.47-PM.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-597\" src=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.38.47-PM-300x62.png\" alt=\"Zones\" width=\"300\" height=\"62\" srcset=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.38.47-PM-300x62.png 300w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.38.47-PM.png 886w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>To think of this a different way, my cable modem WAN connection (ie. the Internet) goes in my &#8220;untrust&#8221; zone and my local network (ie. LAN) goes in my &#8220;trust&#8221; zone.\u00a0 Now all that&#8217;s left is to set our policy and for ease of management to start with, I set it to allow everything out with a default deny all inbound.<\/p>\n<p><a href=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.43.27-PM.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-598\" src=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.43.27-PM-300x17.png\" alt=\"Security Profile\" width=\"300\" height=\"17\" srcset=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.43.27-PM-300x17.png 300w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.43.27-PM-1024x61.png 1024w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>With this configuration I had done enough to be up and running on the device and I immediately started to see data populate the dashboard on the top applications running on my network.<\/p>\n<p><a href=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.45.35-PM.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-599\" src=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.45.35-PM-300x184.png\" alt=\"Top Applications\" width=\"300\" height=\"184\" srcset=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.45.35-PM-300x184.png 300w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.45.35-PM.png 908w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>It&#8217;s color coded based on risk level and the dashboard also provides me a similar view of Top High Risk Applications.\u00a0 Any of these boxes can be clicked on in order to provide additional data about the protocol, sources, destinations, countries, and more.<\/p>\n<p><a href=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.48.25-PM.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-600\" src=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.48.25-PM-300x118.png\" alt=\"Application Information\" width=\"300\" height=\"118\" srcset=\"https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.48.25-PM-300x118.png 300w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.48.25-PM-1024x405.png 1024w, https:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/Screen-Shot-2014-06-02-at-5.48.25-PM.png 1364w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>Now, let me say that while I&#8217;m running this on my home internet connection, this thing is a hoss and can do way more than I can throw at it.\u00a0 With their App-ID technology enabled you can throw 100 Mbps of throughput at it no problem.\u00a0 In addition to being an application firewall, it also does standard port-based firewalling, VPN, routing, switching, and so much more.\u00a0 It&#8217;s so extremely versatile that this thing could easily be placed in a smaller branch office and replace multiple other devices on their network such as a firewall, router, and VPN concentrator.\u00a0 More functionality for less money&#8230;who wouldn&#8217;t want that?\u00a0 In addition to these default capabilities, additional licensing can also be obtained to allow you to do URL filtering, malware detection, and more.\u00a0 Having just gotten this up and running, I&#8217;m still exploring the ins and outs of all of the functionality, but it&#8217;s pretty exciting to have all of this capability in a box that is smaller than the cable modem my ISP provides me.\u00a0 More posts to come on this as I get deeper into the guts of running my new Palo Alto PA-200 !<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I&#8217;ve been following Palo Alto as a networking company for a couple of years now.\u00a0 Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls.\u00a0 Take the HTTP protocol for example.\u00a0 HTTP typically runs as a service on [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[71,5,70,28],"tags":[568,76,573,74,484,569,570,567,549,506,571,572,126],"class_list":["post-592","post","type-post","status-publish","format-standard","hentry","category-firewalls","category-monitoring","category-networking","category-security","tag-alto","tag-application","tag-filter","tag-firewall","tag-malware","tag-networks","tag-pa-200","tag-palo","tag-risk","tag-router","tag-switch","tag-url","tag-vpn"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.10 - aioseo.com -->\n\t<meta name=\"description\" content=\"I&#039;ve been following Palo Alto as a networking company for a couple of years now. Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls. Take the HTTP protocol for example. HTTP typically runs as a service on\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"Josh\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.10\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Web Admin Blog | Real Web Admins.  Real World Experience.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"My First Experiences with a Palo Alto Firewall | Web Admin Blog\" \/>\n\t\t<meta property=\"og:description\" content=\"I&#039;ve been following Palo Alto as a networking company for a couple of years now. Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls. Take the HTTP protocol for example. HTTP typically runs as a service on\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2014-06-02T22:55:31+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2014-06-02T22:55:31+00:00\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"My First Experiences with a Palo Alto Firewall | Web Admin Blog\" \/>\n\t\t<meta name=\"twitter:description\" content=\"I&#039;ve been following Palo Alto as a networking company for a couple of years now. Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls. Take the HTTP protocol for example. HTTP typically runs as a service on\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#article\",\"name\":\"My First Experiences with a Palo Alto Firewall | Web Admin Blog\",\"headline\":\"My First Experiences with a Palo Alto Firewall\",\"author\":{\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/author\\\/jsokol\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"http:\\\/\\\/www.webadminblog.com\\\/wp-content\\\/uploads\\\/2014\\\/06\\\/20140521_175741-300x225.jpg\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#articleImage\"},\"datePublished\":\"2014-06-02T17:55:31-05:00\",\"dateModified\":\"2014-06-02T17:55:31-05:00\",\"inLanguage\":\"en-US\",\"commentCount\":3,\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#webpage\"},\"articleSection\":\"Firewalls, Monitoring, Networking, Security, alto, application, filter, firewall, malware, networks, pa-200, palo, risk, router, switch, url, vpn\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.webadminblog.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/category\\\/networking\\\/#listItem\",\"name\":\"Networking\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/category\\\/networking\\\/#listItem\",\"position\":2,\"name\":\"Networking\",\"item\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/category\\\/networking\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/category\\\/networking\\\/firewalls\\\/#listItem\",\"name\":\"Firewalls\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/category\\\/networking\\\/firewalls\\\/#listItem\",\"position\":3,\"name\":\"Firewalls\",\"item\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/category\\\/networking\\\/firewalls\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#listItem\",\"name\":\"My First Experiences with a Palo Alto Firewall\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/category\\\/networking\\\/#listItem\",\"name\":\"Networking\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#listItem\",\"position\":4,\"name\":\"My First Experiences with a Palo Alto Firewall\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/category\\\/networking\\\/firewalls\\\/#listItem\",\"name\":\"Firewalls\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/#organization\",\"name\":\"Web Admin Blog\",\"description\":\"Real Web Admins.  Real World Experience.\",\"url\":\"https:\\\/\\\/www.webadminblog.com\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/author\\\/jsokol\\\/#author\",\"url\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/author\\\/jsokol\\\/\",\"name\":\"Josh\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/17951f69795527f90a4e9cb75ad6c9b3?s=96&d=identicon&r=pg\",\"width\":96,\"height\":96,\"caption\":\"Josh\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#webpage\",\"url\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/\",\"name\":\"My First Experiences with a Palo Alto Firewall | Web Admin Blog\",\"description\":\"I've been following Palo Alto as a networking company for a couple of years now. Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls. Take the HTTP protocol for example. HTTP typically runs as a service on\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/2014\\\/06\\\/02\\\/my-first-experiences-with-a-palo-alto-firewall\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/author\\\/jsokol\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/index.php\\\/author\\\/jsokol\\\/#author\"},\"datePublished\":\"2014-06-02T17:55:31-05:00\",\"dateModified\":\"2014-06-02T17:55:31-05:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/#website\",\"url\":\"https:\\\/\\\/www.webadminblog.com\\\/\",\"name\":\"Web Admin Blog\",\"description\":\"Real Web Admins.  Real World Experience.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.webadminblog.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"My First Experiences with a Palo Alto Firewall | Web Admin Blog","description":"I've been following Palo Alto as a networking company for a couple of years now. Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls. Take the HTTP protocol for example. HTTP typically runs as a service on","canonical_url":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#article","name":"My First Experiences with a Palo Alto Firewall | Web Admin Blog","headline":"My First Experiences with a Palo Alto Firewall","author":{"@id":"https:\/\/www.webadminblog.com\/index.php\/author\/jsokol\/#author"},"publisher":{"@id":"https:\/\/www.webadminblog.com\/#organization"},"image":{"@type":"ImageObject","url":"http:\/\/www.webadminblog.com\/wp-content\/uploads\/2014\/06\/20140521_175741-300x225.jpg","@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#articleImage"},"datePublished":"2014-06-02T17:55:31-05:00","dateModified":"2014-06-02T17:55:31-05:00","inLanguage":"en-US","commentCount":3,"mainEntityOfPage":{"@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#webpage"},"isPartOf":{"@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#webpage"},"articleSection":"Firewalls, Monitoring, Networking, Security, alto, application, filter, firewall, malware, networks, pa-200, palo, risk, router, switch, url, vpn"},{"@type":"BreadcrumbList","@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com#listItem","position":1,"name":"Home","item":"https:\/\/www.webadminblog.com","nextItem":{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/#listItem","name":"Networking"}},{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/#listItem","position":2,"name":"Networking","item":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/","nextItem":{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/firewalls\/#listItem","name":"Firewalls"},"previousItem":{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/firewalls\/#listItem","position":3,"name":"Firewalls","item":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/firewalls\/","nextItem":{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#listItem","name":"My First Experiences with a Palo Alto Firewall"},"previousItem":{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/#listItem","name":"Networking"}},{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#listItem","position":4,"name":"My First Experiences with a Palo Alto Firewall","previousItem":{"@type":"ListItem","@id":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/firewalls\/#listItem","name":"Firewalls"}}]},{"@type":"Organization","@id":"https:\/\/www.webadminblog.com\/#organization","name":"Web Admin Blog","description":"Real Web Admins.  Real World Experience.","url":"https:\/\/www.webadminblog.com\/"},{"@type":"Person","@id":"https:\/\/www.webadminblog.com\/index.php\/author\/jsokol\/#author","url":"https:\/\/www.webadminblog.com\/index.php\/author\/jsokol\/","name":"Josh","image":{"@type":"ImageObject","@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/17951f69795527f90a4e9cb75ad6c9b3?s=96&d=identicon&r=pg","width":96,"height":96,"caption":"Josh"}},{"@type":"WebPage","@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#webpage","url":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/","name":"My First Experiences with a Palo Alto Firewall | Web Admin Blog","description":"I've been following Palo Alto as a networking company for a couple of years now. Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls. Take the HTTP protocol for example. HTTP typically runs as a service on","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/www.webadminblog.com\/#website"},"breadcrumb":{"@id":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/#breadcrumblist"},"author":{"@id":"https:\/\/www.webadminblog.com\/index.php\/author\/jsokol\/#author"},"creator":{"@id":"https:\/\/www.webadminblog.com\/index.php\/author\/jsokol\/#author"},"datePublished":"2014-06-02T17:55:31-05:00","dateModified":"2014-06-02T17:55:31-05:00"},{"@type":"WebSite","@id":"https:\/\/www.webadminblog.com\/#website","url":"https:\/\/www.webadminblog.com\/","name":"Web Admin Blog","description":"Real Web Admins.  Real World Experience.","inLanguage":"en-US","publisher":{"@id":"https:\/\/www.webadminblog.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Web Admin Blog | Real Web Admins.  Real World Experience.","og:type":"article","og:title":"My First Experiences with a Palo Alto Firewall | Web Admin Blog","og:description":"I've been following Palo Alto as a networking company for a couple of years now. Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls. Take the HTTP protocol for example. HTTP typically runs as a service on","og:url":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/","article:published_time":"2014-06-02T22:55:31+00:00","article:modified_time":"2014-06-02T22:55:31+00:00","twitter:card":"summary_large_image","twitter:title":"My First Experiences with a Palo Alto Firewall | Web Admin Blog","twitter:description":"I've been following Palo Alto as a networking company for a couple of years now. Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls. Take the HTTP protocol for example. HTTP typically runs as a service on"},"aioseo_meta_data":{"post_id":"592","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-01-03 18:40:13","updated":"2025-07-17 07:19:31","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/www.webadminblog.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/\" title=\"Networking\">Networking<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/firewalls\/\" title=\"Firewalls\">Firewalls<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tMy First Experiences with a Palo Alto Firewall\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/www.webadminblog.com"},{"label":"Networking","link":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/"},{"label":"Firewalls","link":"https:\/\/www.webadminblog.com\/index.php\/category\/networking\/firewalls\/"},{"label":"My First Experiences with a Palo Alto Firewall","link":"https:\/\/www.webadminblog.com\/index.php\/2014\/06\/02\/my-first-experiences-with-a-palo-alto-firewall\/"}],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pfI0c-9y","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/comments?post=592"}],"version-history":[{"count":1,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/592\/revisions"}],"predecessor-version":[{"id":601,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/592\/revisions\/601"}],"wp:attachment":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/media?parent=592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/categories?post=592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/tags?post=592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}