Focus

Next-Generation Firewall

Panorama > Firewall Clusters

Table of Contents

Filter

Expand All | Collapse All

Next-Generation Firewall Docs

Getting Started
Administration
Networking
Quick Start
Reference
Incidents & Alerts
Release Notes
Select a Document
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 8.1 (EoL)
Help
Select a Document
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 10.2
- PAN-OS 10.1

Managed WildFire Cluster and Appliance Administration

Panorama > Administrators

Panorama > Firewall Clusters

PanoramaFirewall Clusters

View the AI-HSF and CN-Series firewall clusters summary and monitoring information in the Panorama web interface under Firewall Clusters.

From the PanoramaAdmin rolesWeb UI list, select Firewall Clusters, then click Enable to access firewall clusters. After you add firewall clusters to Panorama, use the web interface to view the details of the AI-HSF or CN-Series firewall clusters.

You must install the Clustering plugin from DevicePlugins to view the cluster details under Firewall Clusters.

Summary View
Monitoring

Summary View

View AI-HSF and CN-Series firewall clusters summary.

View the information about the AI-HSF and CN-Series clusters captured by the firewall in the last five minutes. Click the refresh button to load the latest details.

AI-HSF
Field	Description
Cluster Name	Name of the firewall cluster.
Cluster State	Displays whether the cluster is impacted or not.
Cluster Type	Type of cluster.
Software Version	The PAN-OS version.
Device Name	Name of the node.
Node ID	Unique Identifier of the node in a cluster.
VM-HSF Clusters	Includes details of the AI-HSF clusters. Node Type - Displays if the node is an AI-Gateway node or AI-HSF firewall node. Node Status - Displays the current status of the node - Online, Failed, or Unknown. Last Commit State - Status of the last commit of the node. For example, Commit succeeded with warnings.
Plugins Used On The Cluster	List of plugins used on the cluster.
Template Stack	Name of the template stack associated with the cluster.
Device Group	Name of the device group associated with the cluster.
Members Affected	Number of impacted cluster members and their names.
System Log Details	Displays the details of the system events.
Specific Error	List of specific errors in the cluster. Click the link to view more details about the error under Monitor > Logs > System where you can view logs.
CPU Count	Number of CPUs used.
Config Sync Status	Displays if the cluster configuration is in Sync or Out of Sync.
Cluster Creation Time	Displays the date and time of the cluster creation.

Monitoring

PanoramaFirewall ClustersMonitoring

View the AI-HSF firewall cluster health information.

Field	Description
Managed Software Cluster	Select a firewall cluster.
Impacted	List of impacted firewall clusters. VM-Clusters - The number of impacted AI-HSF firewall clusters. Clusters List - Displays the list of clusters that are impacted. Click to view detailed information about the clusters in the Interconnect Status and Cluster Utilization dashboards.
OK	List of firewall clusters that are not impacted. AI-HSF-Clusters - The number of AI-HSF firewall clusters that are not impacted. Clusters List - Displays the list of clusters that are not impacted. Click to view detailed information about the clusters in the Interconnect Status and Cluster Utilization dashboards.
Interconnect Status	View the cluster interconnect details for a selected time frame. Select Last 5 Mins to view the following details. Cluster Name - Name of the firewall cluster. Cluster Type - The type of cluster. Cluster State - Displays whether the cluster is impacted or not. Current Cluster Detail - Click the current cluster state link to view more details about the impacted cluster. AI-HSF Clusters AI-HSF Name - Name of the Cluster. Node ID - Unique Identifier of the node in a cluster. Node Type - Displays if the node is a VM-Gateway node or AI-HSF firewall node. Node Status - Displays if the node is Online or Unknown. Last Commit State - Status of the last commit of the node. For example, Commit succeeded with warnings. Cluster Creation Time - The time of cluster creation. Current Cluster Detail - Click the current cluster state link to view more details about the impacted cluster. Cluster Interconnect State - Displays whether the cluster is impacted or not. Current Cluster Detail - Click the current interconnect status link to view more details about the impacted cluster. Traffic Interconnect - Status of traffic interconnectivity. External Connection - Status of external connectivity. Impacted Links - Number of impacted links. Management Connectivity - Number of management connections. Impacted Members - List of impacted cluster members. Time Stamp Uptime - Uptime time stamp. Time Stamp Downtime - Downtime time stamp. Selecting any other time frame displays the following information only. Cluster Name - Name of the cluster. Cluster Type - Type of cluster. Cluster Creation Time - Displays the date and time of the cluster creation. Current Cluster State - Displays the status of the cluster - OK or Impacted (when one of the node is not inline). Cluster Interconnect State - Displays whether the cluster is impacted or not. Traffic Interconnect - Status of traffic interconnectivity. External Connection - Status of external connectivity.
Cluster Utilization	View the firewall cluster throughout, memory, and data utilization. Cluster Name - Name of the firewall cluster. Cluster Details - Click the cluster name link to view the throughput, memory, and data utilization details of the selected cluster. Cluster Type - The type of cluster. Only AI-HSF firewall cluster types are supported. Cluster State - Displays the health of the cluster. Cluster Throughput - Firewall cluster throughput in Gbps. CPS - Number of connections per second. Session Count - Number of sessions. AI-HSF Clusters Session Utilization % - Displays the session utilization percentage. AVG FW DP CPU % - Displays the DP-CPU utilization in the AI-DP node. AVG GW DP CPU % - Displays the FW-CPU utilization in the AI-Gateway node. Average Data Plane (%) Within Health Threshold - The average dataplane threshold in percentage. MP CPU % - Management plane CPU utilization in percentage. MPMem % - Management plane memory utilization in percentage. Logging Rate (Log/Sec) - Rate at which the logs are being generated on the cluster.

CN-Series
Field	Description
Cluster Name	Name of the firewall cluster.
Software Version	The PAN-OS version.
Plugins Used On The Cluster	List of plugins used on the cluster. Only CN-Series firewall plugins are supported.
Template Stack	Name of the template stack associated with the cluster.
Device Group	Name of the device group associated with the cluster.
Cluster State	Displays whether the cluster is impacted or not.
Cluster Type	Type of cluster. Only CN-Series firewall cluster types are supported.
Members Affected	Number of impacted cluster members and their names.
System Log Details	Display the details of the system events.
Specific Error	List of specific errors in the cluster. Click the link to view more details about the error under MonitorLogsSystem where you can view logs.
Pod Name	Name of the pod.
CPU Count	Number of CPUs used.

Monitoring

View CN-Series firewall clusters monitoring information.

View the CN-Series firewall cluster health information.

Field	Description
Managed Software Cluster	Select a firewall cluster. Only CN-Series firewall cluster types are supported.
Impacted	List of impacted firewall clusters. CN-Clusters—The number of impacted CN-Series firewall clusters. Clusters Impacted—Displays the list of clusters that are impacted. Click to view detailed information about the clusters in the Interconnect Status and Cluster Utilization dashboards.
OK	List of firewall clusters that are not impacted. CN-Clusters—The number of CN-Series firewall clusters that are not impacted. Clusters Impacted—Displays the list of clusters that are not impacted. Click to view detailed information about the clusters in the Interconnect Status and Cluster Utilization dashboards.
Interconnect Status	View the cluster interconnect details for a selected time frame. Select Last 5 Mins to view the following details. Cluster Name—Name of the firewall cluster. Cluster Type—The type of cluster. Only CN-Series firewall cluster types are supported. Cluster Creation Time—The time of cluster creation. Current Cluster State—Displays whether the cluster is impacted or not. Current Cluster Detail—Click the current cluster state link to view more details about the impacted cluster. Cluster Interconnect Status—Displays whether the cluster is impacted or not. Current Cluster Detail—Click the current interconnect status link to view more details about the impacted cluster. Traffic Interconnect—Status of traffic interconnectivity. External Connection—Status of external connectivity. Impacted Links—Number of impacted links. Management Connectivity—Number of management connections. Impacted Cluster Member—List of impacted cluster members. Time Stamp Hi-Res Uptime—Uptime time stamp. Time Stamp Hi-Res Downtime—Downtime time stamp. Selecting any other time frame displays the following information only. Cluster Name Cluster Type Cluster Creation Time Current Cluster State Cluster Interconnect Status Traffic Interconnect External Connection
Cluster Utilization	View the firewall cluster throughout, memory, and data utilization. Cluster Name—Name of the firewall cluster. Cluster Details—Click the cluster name link to view the throughput, memory, and data utilization details of the selected cluster. Cluster Type—The type of cluster. Only CN-Series firewall cluster types are supported. Cluster State—Displays the health of the cluster. Cluster Throughput (gbps)—Firewall cluster throughout in Gbps. CPS—Number of connections per second. Session Count (Sessions)—Number of sessions. Average Data Plane (%) Within Health Threshold—The average dataplane threshold in percentage. Management Plane CPU (%)—Management plane CPU utilization in percentage. Management Plane Mem (%)—Management plane memory utilization in percentage. Logging Rate (Log/Sec)—Rate at which the logs are being generated on the cluster. DP Auto-Scale Status—Dataplane autoscale details.

Managed WildFire Cluster and Appliance Administration

Panorama > Administrators

Next-Generation Firewall Docs

Panorama > Firewall Clusters

Next-Generation Firewall Docs

Panorama > Firewall Clusters

Summary View

Monitoring

Monitoring

Activation and Onboarding

Next-Generation Firewalls

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

FedRAMP

Hardware Reference

Hardware Quick Start Guides

Virtual ION Deployment

3rd Party Integrations

Best Practices

Experts Corner