PAN-OS 6.1 (the software running on Palo Alto Networks firewalls) has recently been released. Here are my initial thoughts on the release.
Short story… it is not a revolution, more like a good piece of evolution. Given that it is only a minor release, this seems to be a good thing. A few new things have been added, but mostly it is existing stuff which has been refined.
The rules in the security policy now also reflect the implicit rules at the bottom!! No more forgetting the implicit deny for interzone traffic, nor the implicit permit for intrazone traffic. Small… but great addition!
A small new addition to the detailed logs is the session end reason. Pretty nice to see if the connection was taken down due to a tcp-fin, tcp-rst or whatever.
And even more detail is provided in the logs with the addition of HTTP header information. Not entirely sure as to how beneficial it will be in investigation scenarios, but more data is always welcome.
The monitoring tabs have also become more useful, and Palo Alto has fixed some of those prior annoyances with the graphs. They have also finally gotten rid of the Flash parts. The graphs are now created in HTML5.
The traffic graph over time has been made better and more useful.
Beyond this, a lot of under-the-hood enhancements have also been implemented, some of which are pretty neat…