Monitor Cloud NGFW for Azure Resources
Focus
Focus
Cloud NGFW for Azure

Monitor Cloud NGFW for Azure Resources

Table of Contents

Monitor Cloud NGFW for Azure Resources

Learn how to monitor Cloud NGFW health.
Where Can I Use This?What Do I Need?
  • Cloud NGFW for Azure
  • Cloud NGFW subscription
  • Palo Alto Networks Customer Support Portal account
  • Azure Marketplace subscription
Cloud NGFW for Azure publishes custom metrics in Azure Monitor to help you monitor your Cloud NGFW's health, performance, and usage patterns. With these additional metrics, you can assess the overall health of your Cloud NGFW resources, identify performance bottlenecks, and detect anomalies. These metrics are numerical values describing aspects of a Cloud NGFW at a particular time. The 5-minute collection frequency makes these metrics highly effective for alerting.
To monitor the health of your Cloud NGFW:
  1. Log into the Azure portal and search for Cloud NGFW by Palo Alto Networks. This displays the Cloud NGFWs you have registered with Azure.
  2. Select the Cloud NGFW you want to monitor.
  3. On the Overview page, expand Essentials. The Essentials section displays the health status of the selected Cloud NGFW.

Health Monitor States

Health status appears as color-coded icons, and is portrayed for both network security and cloud security.
Health status for network security:
  • Healthy (green icon). Indicates that the primary and secondary Panorama is connected with the Cloud NGFW resource for network security applications.
  • Degraded (yellow icon). Network security is degraded on the Cloud NGFW resource.
  • Unhealthy (red icon). Indicates that the Cloud NGFW cannot connect to the Panorama virtual appliance. Ensure that your Cloud NGFW is registered with Panorama.
Health status for cloud security applies to the creation and update of a firewall:
  • Healthy (green icon). Indicates the individual status of the rulestack associated with the Cloud NGFW resource showing the state of the primary and secondary Panorama virtual appliance connected to the Cloud NGFW resource. This information appears in the Associated rulestack section and is displayed as Connected or Not Connected.
  • Degraded (yellow icon). Cloud security is degraded.
  • Unhealthy (red icon). Indicates that the Cloud NGFW rulestack was not committed successfully on any instance. After resolving the issue, the health monitor changes to reflect a healthy status (green icon).
  • Initializing (blue icon). Indicates that the Cloud NGFW resource is initializing.