Panorama: Centralised Management
Panorama enables you to centrally manage the process of configuring devices, deploying security policies, performing forensic analysis, and generating reports across your entire network of our next-generation firewalls. Available as either a virtual appliance or a dedicated management platform, Panorama and the individual device management interfaces share the same web-based look and feel, ensuring workflow consistency while minimising any learning curve or delay in executing the task at hand.
Learn more about the Device Management and Centralised Management Features.
Consistent management look and feel
Our management philosophy emphasises consistency at both the interface and release level, providing a significant advantage over competitive offerings that are managed across multiple offerings with varied user interfaces and release schedules. The management interface across Panorama, and the individual devices, carries the same look and feel to help reduce your administrative efforts by minimising any learning curve or delay in executing tasks. When we deliver new next-generation firewall features in PAN-OS, any associated updates or new features in Panorama are released at the same time.
Centrally manage device configuration and policy deployment
Panorama enables you to centrally manage all aspects of your Palo Alto Networks next-generation firewalls with device groups, templates and role-based administration.
Device groups: you can use device groups to deploy rules to enforce consistent security across all locations. These global (pre- and post-) firewall rules can be augmented by policies that are managed locally, allowing you to strike a balance between local and centralised controls.
Templates: rapidly roll out new devices with a consistent set of device and network settings (e.g. Login banner, NTP, DNS, Syslog, plus Zones and Interfaces) by creating shared base configurations across the entire deployment or a subset (e.g. region).
Role-based administration: enable different members of your team, both local and remote, to only have access to the features and functions that their job requires. By implementing role-based administration you establish the appropriate levels of rights and access to the responsibilities of a given administrator.
Visibility, forensic analysis and reporting
For either an individual firewall or across your entire network of firewalls, your team can research applications, users and content traversing your network, perform forensic analysis and generate fully customised reports.
Visibility: Application command center (ACC) dynamically fetches data from every device to provide you with an up-to-date view of the applications on your network, who is using them, and the potential threats they may pose. New or unfamiliar applications can be quickly investigated with a single click that tells you what the application is, its behavioral characteristics, and who is using it. Knowledge of the applications, users and content traversing your network enables you to make more informed security policy decisions.
Forensics and log analysis: Panorama dynamically pulls the most current data from your managed devices as needed, providing you with up-to-date information that you can use to perform incident forensics and log analysis. You can dynamically filter the log database by clicking on a cell value and/or using the expression builder to define the sort criteria. Results can be saved for future queries or exported for further analysis.
Reporting: Reports can be generated across all of your devices, or for an individual device using the predefined reports as-is, or by creating a customised report to suit your specific requirements. All reports can be exported to CSV, PDF or XML and executed and emailed on a scheduled basis.
Management platform deployment flexibility
Panorama is available as either a purpose-built hardware platform or as a virtual appliance, which allows you to choose the form factor that is best meets your requirements. Both the virtual machine and the M-100 appliance provide the same ability to centrally manage our next-generation firewalls across your organisation.
M-100 management platform: The M-100 allows you to deploy Panorama as a centralised management platform or you can separate the management and logging functions in a distributed manner.
Centralised: perform all management and logging functions across your network of firewalls from a single, dedicated hardware appliance (with the option for high availability).
Distributed: if your organisation is widely distributed, or generates significant volumes of log traffic, then you may want to deploy the M-100 in a distributed manner by separating the management and logging functions.
Manager: performs device configuration, policy deployment, log analysis and reporting. Logging and reporting utilises data stored on the dedicated log collectors.
Log collector: Aggregates log information from multiple managed firewalls to address your high volume log collection and retention requirements.
Virtual appliance: Panorama can be deployed as a virtual appliance on VMware ESX(i), allowing you to support your virtualisation initiatives and consolidate rack space, which is sometimes limited or costly in a datacenter.
Palo Alto Networks Firewall Overview
- 8-Page PDF: Palo Alto Firewall Oveview
Palo Alto Networks Panorama
- 5-Page PDF: Panorama Specsheet
Palo Alto Networks VM-Series Datasheet
- 3-Page PDF: VM-Series Datasheet
Palo Alto Networks Wildfire
- 6-Page PDF: Palo Alto Networks Wildfire