PAN-OS device telemetry is used to power telemetry apps
that make it easier to monitor and manage firewalls.
Device telemetry collects data about your next-generation
firewall or Panorama and shares it with Palo Alto Networks by uploading
the data to Cortex Data Lake. This data is used to power telemetry
apps, which are cloud-based applications that make it easy to monitor
and manage your next-generation firewalls and Panoramas. These apps
improve your visibility into device health, performance, capacity
planning, and configuration. Through these apps, you can maximize
the benefits you enjoy from the products and services that Palo
Alto Networks delivers.
Telemetry data is also used for sharing threat intelligence,
providing enhanced intrusion prevention, evaluation of threat signatures,
as well as improved malware detection within PAN-DB URL filtering,
DNS-based command-and-control (C2) signatures, and WildFire.
Telemetry data is collected and stored locally on your device
for a limited period of time. This data is shared with Palo Alto
Networks only if you configure a destination region for the data.
If your organization has a Cortex Data Lake license, then you can
only send the data to the same region as where your Cortex Data
Lake instance resides. If your organization does not have a Cortex
Data Lake license, then you must install
a device certificate in order to share this data. In this
case, you can choose any available region, although you must conform
to all applicable local laws regarding privacy and data storage.
Finally, you can obtain
a live sample of the data that your firewall is collecting
for telemetry purposes. For a complete description of all the telemetry
metrics that can be shared with Palo Alto Networks, including the
privacy implication for each metric, see the PAN-OS Device Telemetry Metrics
Reference Guide.
Automatically created users such as _cliadmin may
appear under Logged in Admins on the dashboard
while telemetry is enabled.