Firewall Administration
Focus
Focus
Next-Generation Firewall

Firewall Administration

Table of Contents

Firewall Administration

Configure and manage Palo Alto Networks Next-Generation Firewalls using PAN-OS administrative features and settings.
Administrators can configure, manage, and monitor Palo Alto Networks firewalls using the web interface, CLI, and API management interface. You can customize role-based administrative access to the management interfaces to delegate specific tasks or permissions to certain administrators.
You can use the following user interfaces to manage the Palo Alto Networks firewall:
Do not enable management access from the internet or from other untrusted zones inside your enterprise security boundary. Follow the Administrative Access Best Practices to ensure that you are properly securing your firewall.
  • Use the Web Interface to perform configuration and monitoring tasks with relative ease. This graphical interface allows you to access the firewall using HTTPS (recommended) or HTTP and it is the best way to perform administrative tasks.
  • Use the Command Line Interface (CLI) to perform a series of tasks by entering commands in rapid succession over SSH (recommended), Telnet, or the console port. The CLI is a no-frills interface that supports two command modes, operational and configure, each with a distinct hierarchy of commands and statements. When you become familiar with the nesting structure and syntax of the commands, the CLI provides quick response times and administrative efficiency.
  • Use the XML API to streamline your operations and integrate with existing, internally developed applications and repositories. The XML API is a web service implemented using HTTP/HTTPS requests and responses.
  • Use Panorama to perform web-based management, reporting, and log collection for multiple firewalls. The Panorama web interface resembles the firewall web interface but with additional functions for centralized management.
Use the Reference: Web Interface Administrator Access to understand the different access that can be provided for different admin users. The Reference: Port Number Usage provides insight into the different ports and protocols available for different functionality.