Strata Cloud Manager
Dashboards in Strata Cloud Manager
Table of Contents
Dashboards in Strata Cloud Manager
Strata Cloud Manager
provides a set of interactive dashboards that give you a
comprehensive view of data on the applications, threats, users, and security subscriptions
at work in your network.Where Can I Use This? | What Do I Need? |
|---|---|
|
|
Strata Cloud Manager
provides a set of interactive dashboards that give you a
comprehensive view of the applications, ION devices, threats, users, and security
subscriptions at work in your network. The dashboards provide visibility into the
health, security posture, and activity happening in your deployment that helps you
to prevent or address performance and security gaps in your network. Dashboard
support extends across the Palo Alto Networks products and subscriptions that
are supported for cloud management, and from other sources as well,
including Traps, Cortex XDR, Prisma SaaS, and Proofpoint. The data you see often
depends on your subscription. You can review each dashboard topic to see what the
license requirements are for that dashboard, if role permissions might impact what
data is visible, and to learn about the different types of data that each
subscription unlocks.You can access dashboards from the
Dashboards
menu on the left
navigation pane. The SASE Health dashboard is pinned to the landing page by default.
Click More Dashboards
and select or clear the check box
beside a dashboard name to pin or unpin the dashboard to the Dashboard landing page.
You can also build your own dashboard using the Build My Dashboard
option.
Some of the dashboards also have the option to download and share reports
that you can share offline and schedule for regular updates. To see if reports are
supported for a dashboard, check for these icons:
Integrate with Cloud Identity Engine
We recommend setting up Cloud Identity Engine (Directory Sync) to get the most
out of dashboards. Cloud Identity Engine is a free Palo Alto Networks app that
gives other apps read-only access to your Active Directory information, and
enables you to:
- Cloud Identity Engine enables you to specify the user for whom you want to run a report.
- Easily and securely share reports with other members of your organizationwith Cloud Identity Engine set up, you can easily add recipients to a scheduled report. Your report recipients are checked against Cloud Identity Engine, and if it doesn’t find a match, it performs an extra validation step by checking the email address domain against the email address domains associated with your support account. These checks ensure that reports are not sent outside of your organization.
Support for Dashboards
Some of the dashboard supports in the product are
pending migration to
Strata Cloud Manager
. Feature | Supported on | Licenses and Other
Requirements | Scope of Aggregated
Data | |||
|---|---|---|---|---|---|---|
Prisma Access (Cloud
Managed) | Prisma Access (Panorama
Managed)* | AIOps for NGFW * | Prisma SASE Multitenant
Platform | |||
SASE Health | Yes | Yes | Yes |
| ||
Threat Insights | Yes | No | Yes | Yes** |
| Per Cortex Data Lake tenant |
Application Usage | Yes* | Yes | Yes | Yes | Cortex Data Lake | Per Cortex Data Lake
tenant |
Prisma Access Usage | Yes | Yes | NA | Yes | Per Prisma Access tenant | |
User Activity | Yes | Yes | Yes | Yes |
| Per Cortex Data Lake
tenant |
Best Practices | Yes | No | PAN-OS versions: 10.0 or
later | Yes | [Only for AIOps for NGFW ]
Enable
telemetry sharing in devices |
|
Compliance Summary | No | No | Yes | No | [Only for AIOps for NGFW] Enable telemetry
sharing in devices | AIOps for NGFW: per NGFW/ Panorama associated
with AIOps for NGFW instance |
On Demand BPA | No | No | Yes | No | TSF | AIOps for NGFW: per NGFW/ Panorama associated
with AIOps for NGFW instance |
Executive Summary | Yes | Yes | Yes | Yes |
| Per Cortex Data Lake
tenant |
Network Usage | Yes | Yes | Yes | Yes | Cortex Data Lake license | Per Cortex Data Lake
tenant |
Log Viewer | Yes | Yes | Yes | Yes | Cortex Data Lake license | Per Cortex Data Lake
tenant |
Search | Yes | No | Yes | Yes** | Requirements to view trend graph
in search:
| |
Download/Share/Schedule | Yes | Yes | Yes | Yes | Refer to respective feature
column in this table | |
Saas Security | Yes | No | No | No |
| Per Prisma Access tenant |
DLP Incidents | Yes | No | No | No | Enterprise DLP license | Per Prisma Access tenant |
Device Health | No | No | Yes | No |
| AIOps for NGFW : per NGFW/ Panorama
associated with AIOps for NGFW instance |
Security Posture Insights | No | No | Yes | No | AIOps for NGFW : per NGFW/ Panorama
associated with AIOps for NGFW instance | |
Advanced Threat Prevention | No | No | Yes | No |
| Per Cortex Data Lake tenant |
IoT Security | Yes | Yes | Yes | No | IoT Security license | Per IoT Security tenant |
Data Loss Prevention (DLP) | No | No | Yes | No |
| |
Prisma SD-WAN | No | No | No | Yes | Prisma SD-WAN license | Per Prisma SD-WAN tenant |
PAN-OS CVEs | No | Yes | Yes | [Only for AIOps for NGFW] Enable telemetry
sharing in devices |
| |
CDSS Adoption | Yes | Yes | Yes | [Only for AIOps for NGFW] Enable telemetry
sharing in devices | AIOps for NGFW: per NGFW/ Panorama associated
with AIOps for NGFW instance | |
Feature Adoption | No | Yes | Yes | [Only for AIOps for NGFW] Enable telemetry
sharing in devices | AIOps for NGFW: per NGFW/ Panorama associated
with AIOps for NGFW instance | |
Prisma Access (Panorama Managed)*
- - For Prisma Access (Panorama managed) users with Cortex Data Lake hosted in the non-Americas region, you need to provide consent to allow Prisma Access to read and process data from the Cortex Data Lake in the non-Americas region. Review and accept the privacy notice on the Dashboard home page to provide your consent and view more dashboards and logs. Only app, instance, and account administrators can see and accept the privacy notice.
- Dashboards are not supported in Prisma Access (Panorama managed) multi-tenant environment.
Yes*
- Yes means all versions of Prisma Access and PAN-OS
are supported.Yes**
- In the multitenant platform, tenants are identified as tenant service groups (TSGs) and
assigned with TSG ID. A single or multiple tenants can be associated per
Customer Support Portal (CSP). The data shown in the dashboard depends on the
following scenarios:- Your app from which you access the dashboard needs to be TSG supported and accessed through the SASE platform or the tenant view on the hub.
- You have associated devices with your tenant using Common Services in the hub.
- Verify if your tenants have one-to-one or many-to-one mapping with CSP.
- If your tenants have one-to-one mapping with CSP, you can view dashboard data across all sources (for example, in WildFire dashboard, data across samples from Palo Alto Networks firewalls, Prisma Access, Traps, Cortex XDR, Prisma SaaS, Proofpoint and manual uploads are shown).
- If multiple tenants are associated per CSP, the dashboard shows data from only Prisma Access, Palo Alto Networks firewalls, and Panorama appliances associated with specific tenants and not from other sources.
AIOps for NGFW
*AIOps for NGFW
depend on whether you have a Free or Premium
license tier.