
This webpage was created by Kartik for his interview purposes only.

Central Management System from Palo Alto Networks

Panorama is a central management system for Palo Alto Networks firewalls.


The visual presentation below shows how Panorama interacts with Palo Alto Networks firewalls.

[Figure: how Panorama interacts with Palo Alto Networks firewalls]

Panorama Highlights
- It provides a global view of the firewall network.
- It provides centralized configuration management.
- Centralized logging and reporting.
- Centralized deployment management.
- Supports High Availability (HA)
- Supports file shares, so we can work with SAN, NAS, and NFS (for logging).
- It provides multiple access methods – CLI, GUI, and XML API.
- Can support up to 1000 devices.
- Management works over TCP port 3978.
- Provides Dynamic updates – It pulls the updates and then can push them to the firewalls.
- Provides role based administration control – We can have global admins, template admins, device group admins, local admins.
- We can have shared policies which can be applied to multiple firewalls. Furthermore, Panorama provides the concept of pre- and post-rules to provide control over the order in which policies are applied.
- We can have shared groups, device groups, and local groups. Local groups can override device groups, and device groups can override shared groups.
- Panorama policies are tied to the device groups. They can be sent to a whole device group or to an individual firewall. Once pushed down, they can't be edited on the local device but can be overridden or reordered.
- We can have a "combined rules preview" to see where a rule is going to fit and how it is going to be applied to a device.
- Panorama also provides an option to "commit" first at the Panorama level to check for any errors, and then the configuration can be pushed to the devices.
- Panorama can "proxy a management connection" to an individual device. This is called "Context Switching". We can move from global admin down to an individual administration.
- Zone names can be specified in a Panorama template or configured on the local device. Any policy that is tagged with a non-existent zone will be dropped.
- A yellow dot means that something we applied is overridden by a local policy.
- In large deployments, we can have multiple M100 (Panorama) appliances set up as log collectors, so we can spread the disk usage and processing power needed to collect logs and separate them from the actual management function.
- Robust Reporting Engine: We can aggregate logs from all the devices and can run custom reports to filter out important information.
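
The pre-rule/post-rule ordering, the "combined rules preview", and the dropped-zone behaviour from the list above can be modelled offline; the sketch below is an added example, not Panorama code or its API, and it makes it easy to see which rule takes effect once a pushed rule is dropped. It assumes the documented PAN-OS layer order (shared pre-rules, device-group pre-rules, local rules, device-group post-rules, shared post-rules), which the list does not spell out; all rule names, layer labels and zones are constructed.

```python
# Added illustration: models rule layering only; it does not talk to Panorama.
from dataclasses import dataclass

# Assumed evaluation order, top to bottom, of the rulebase layers on a firewall.
LAYER_ORDER = ["shared-pre", "dg-pre", "local", "dg-post", "shared-post"]

@dataclass(frozen=True)
class Rule:
    name: str
    layer: str          # one of LAYER_ORDER
    from_zone: str
    to_zone: str
    action: str         # "allow" or "deny"

def combined_preview(rules, device_zones):
    """Return (ordered_rules, dropped_rules) for one firewall.

    Rules keep their relative order inside a layer; a rule that names a zone
    the device does not have is dropped, as the list above describes.
    """
    kept, dropped = [], []
    for rule in rules:
        zones = {rule.from_zone, rule.to_zone} - {"any"}
        (kept if zones <= device_zones else dropped).append(rule)
    # sorted() is stable, so the order within each layer is preserved.
    kept = sorted(kept, key=lambda r: LAYER_ORDER.index(r.layer))
    return kept, dropped

def first_match(ordered, from_zone, to_zone):
    """Name and action of the first rule matching a zone pair, else None."""
    for r in ordered:
        if r.from_zone in (from_zone, "any") and r.to_zone in (to_zone, "any"):
            return r.name, r.action
    return None

# Constructed sample rulebase (names and zones are made up).
SAMPLE_RULES = [
    Rule("local-allow-web", "local", "trust", "untrust", "allow"),
    Rule("corp-deny-all", "shared-post", "any", "any", "deny"),
    Rule("corp-block-guest", "shared-pre", "guest", "trust", "deny"),
    Rule("branch-dmz-out", "dg-pre", "dmz", "untrust", "allow"),
]
SAMPLE_ZONES = {"trust", "untrust", "guest"}   # this device has no "dmz" zone

if __name__ == "__main__":
    ordered, dropped = combined_preview(SAMPLE_RULES, SAMPLE_ZONES)
    for r in ordered:
        print(f"{r.layer:12} {r.name:18} {r.from_zone}->{r.to_zone} {r.action}")
    print("dropped:", [r.name for r in dropped])
```

Reviewing the dropped list before a push shows which intended rules will be missing on a device, so traffic they were meant to handle does not silently fall through to a later rule.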
