A . Discuss the PAN-OS Policy Optimizer feature as a means to safely migrate port-based rules to

application-based rules.

PAN-OS includes the Policy Optimizer tool, which helps migrate legacy port-based rules to

application-based policies incrementally and safely. This tool identifies unused, redundant, or overly

permissive rules and suggests optimized policies based on actual traffic patterns.

Why Other Options Are Incorrect

B: The migration wizard does not automatically convert port-based rules to application-based rules.

Migration must be carefully planned and executed using tools like the Policy Optimizer.

C: Running two firewalls in parallel adds unnecessary complexity and is not a best practice for

migration.

D: While port-based rules are supported, relying on them defeats the purpose of transitioning to

application-based security.

Reference:

Palo Alto Networks Policy Optimizer

Thank you for your visit.