Always Networks Blog - API

Identifying which zone a subnet is in on a Palo Alto firewall - Script

One of the challenges with managing any zone based firewall on a large scale is knowing which zone everything is in. We all know that the network should be well documented, but we also know that routing tables get unwieldy, and it's not uncommon when adding a firewall rule to be wondering exactly which zone that source or destination is in.

There are three ways …

Read whole post...

Palo Alto scheduled backups - without Panorama

Fri 08 January 2016

Recently we deployed a Palo Alto VM-200 firewall. It was a stand-alone deployment on a remote site. We were going to deploy a pair, but we didn't see how much value it added as the VM-series firewalls do support HA but not stateful HA.

As it was stand-alone, it wasn't managed by Panorama. And without Panorama management, it is seemingly not very straightforward to enable …

Read whole post...