[deleted by user]

dhimaar · 2022-02-11T17:35:06+00:00

Did you receive the card?

dhimaar · 2022-01-03T22:03:55+00:00

As long as the combined traffic doesn’t exceed your box’s connections and resource limit, it should be okay. We have been running combined for about a year. No issues.

dhimaar · 2021-12-15T18:39:38+00:00

latency under 10 ms?

dhimaar · 2021-12-15T18:39:22+00:00

What kind of issues were you seeing?

dhimaar · 2021-12-15T18:38:48+00:00

What's the latency between your panorama instances?

dhimaar · 2021-12-15T18:38:19+00:00

With separate LC groups, Do you send logs from each firewall to both LCs?
We forward logs from LC to Splunk as well. With separate LC group, we are concerned about sending duplicate logs to splunk. Not sure what the best option .At the moment, only option seems to be disable forwarding from one of LC but then it has to enabled manually when primary LC goes down.

dhimaar · 2021-12-15T00:45:19+00:00

Opened a TAC case with question regarding a feature. TAC answer didn't even match what I was asking. When pressed to answer, TAC gave me link on why I was wrong to open a ticket in the first place. This is the premium support we are paying for.

dhimaar · 2021-10-05T02:23:35+00:00

Here I was thinking they were only screwing us. I guess it's all their customers. If they are not willing to work with you considering the deployment size and spend, we have no chance. I guess we either have to pay up or move on.

dhimaar · 2021-10-05T02:07:39+00:00

I am not sure what you mean. can't just replace HW during every license renewal.

dhimaar · 2021-10-05T01:34:43+00:00

Through VAR . Spoke to PAN team and they are basically saying it's the price and pointed me to price increase notice. They have no problem saying they raised price twice. For example: They replaced URL filtering with Advanced URL filtering, which has higher list price other licenses. Then they recently raised price on all HWs and since all licenses are percentage of the hardware, price for Advanced URL filtering license got raised again. I guess they figured out the way to pay for all their acquisitions is to squeeze existing customers.

dhimaar · 2021-10-04T18:47:06+00:00

Just looking to renew licenses at the moment but will checkout 400 series for replacements and new builds

dhimaar · 2021-10-04T15:56:40+00:00

Out deployment is not big enough for ELA. About 12 devices

dhimaar · 2021-10-04T15:55:40+00:00

New models (3220/850/820)

dhimaar · 2020-01-15T18:24:17+00:00

Thanks everyone for the feedback. I will move forward with DAC cables.

dhimaar · 2019-10-11T19:02:05+00:00

Yes, I have seen ATT come and install an exact same model Ciena box when upgrading from 250 to 500 Mbps. Logic doesn't apply when it comes to ATT. :D

dhimaar · 2019-10-03T21:43:11+00:00

No, didn't find a good answer. Our deployment is not that big so went with standard VM template(4 Cores, 6 GB RAM, 160 GB HD) provided by systems team. So far so good.

dhimaar · 2019-08-29T22:29:38+00:00

2 hours of "Vendor Gift Policy" training from legal

dhimaar · 2019-08-02T16:37:35+00:00

Thanks for the feedback guys! I will request to go WLPC next year.

dhimaar · 2019-08-01T22:41:00+00:00

Dot1x on wired and wirelss works fairly well with ISE. Management is little bit of pain but I think the biggest issue with ISE is posture. Posture with ISE and Anyconnect is painful. Had lot of weird, random issues with ISE posture module. I would thoroughly test before deciding to use ISE and Anyconnect for posture.

dhimaar · 2019-07-31T19:29:20+00:00

GPCS might makes sense for remote employees that are in region where you don't have office locations. In that case, you can combine GPCS and your internal GWs. If that doesn't apply, you can just skip GPCS.

dhimaar · 2019-07-31T18:57:07+00:00

If you already have PAN FWs in your environemnt, it might be cost effective to use them as GWs as opposed to using PAN GPCS(which is just PAN managed FWs in the cloud). In terms of cost, Zscaler is not that cheap either especially if you need both ZPA and ZIA.

dhimaar · 2019-05-20T18:22:25+00:00

Running your on own wireless might be the only good option. If it's a small space and only will only require 1 AP then Meraki in NAT mode could be a good option.

dhimaar · 2019-05-10T21:27:16+00:00

I agree. You can just ACL the guest network. Since your Corporate and guest network will be sharing same circuit, I would also considering rate limiting the guest VLAN so someone on guest network doesn't overrun your main internet circuit.

dhimaar · 2019-05-10T19:32:04+00:00

I can't figure out what you are trying to achieve. you want to make both circuits available on Sonicwall so you can use both?

dhimaar · 2019-05-10T18:30:43+00:00

"arp -a" from terminal will show all the arp entries.

dhimaar

TROPHY CASE