I am in the final phase of staging our Palo Alto 5050 in the office. We are planning to deploy this unit as both an edge and datacentre firewall.
It’s a pretty nifty device. Before even implementing it, we have been able to use it in what’s called TAP mode to look at what kind of traffic is traversing our network. It’s very surprising to see what is chewing up bandwidth. The biggest surprise for me was iCloud. I couldn’t believe the gigs of data being transferred back and forth from Apple.
One of the caveats I have found so far with setting it up is when you setup your captive portal to pick up guest users. We created both a guest account for truly guest users but also give the end user a chance to authenticate using AD credentials on the captive portal for more access. Your authentication has to be local database first before your LDAP lookup in the AD. Otherwise it tries to authenticate in AD first, then gives up without checking the local database.