PAN-OS v6 Extended Threat Packet Capture

A useful new feature in PAN-OS v6 is the ability to capture extended threat traffic from the vulnerability protection and anti-spyware profiles.

In PAN-OS 5.x, threat captures contained only the last packet, the one that actually triggered the event. A single packet gives little context about the threat in question, so security analysts were left without the detailed network forensic data needed to investigate the threat further within their network.

PAN-OS v6 allows you to capture up to 50 extended packets. They are held locally on the device and can be exported to a third-party tool such as Wireshark for detailed analysis.