Firewall Administration
Configure and manage Palo Alto Networks Next-Generation Firewalls using PAN-OS
administrative features and settings.
Administrators can configure, manage, and monitor Palo
Alto Networks firewalls using the web interface, CLI, and API management
interface. You can customize role-based administrative access to the
management interfaces to delegate specific tasks or permissions
to certain administrators.
You can use the following user interfaces to manage the Palo Alto Networks firewall:
Do not enable management access from the internet or from other untrusted zones
inside your enterprise security boundary. Follow the
Administrative Access Best Practices to
ensure that you are properly securing your firewall.
Use the Web Interface to perform configuration and monitoring tasks
with relative ease. This graphical interface allows you to access the firewall
using HTTPS (recommended) or HTTP and it is the best way to perform
administrative tasks.
Use the Command Line Interface (CLI)
to perform a series of tasks by entering commands in rapid succession over SSH
(recommended), Telnet, or the console port. The CLI is a no-frills interface
that supports two command modes, operational and configure, each with a distinct
hierarchy of commands and statements. When you become familiar with the nesting
structure and syntax of the commands, the CLI provides quick response times and
administrative efficiency.
Use the XML API to streamline your
operations and integrate with existing, internally developed applications and
repositories. The XML API is a web service implemented using HTTP/HTTPS requests
and responses.
Use Panorama to perform web-based
management, reporting, and log collection for multiple firewalls. The Panorama
web interface resembles the firewall web interface but with additional functions
for centralized management.
