Management Features

Download and install PAN-OS software patches to apply fixes to bug or Common Vulnerability Exposure (CVE) without the need to schedule a prolonged maintenance window to install a new PAN-OS version from the Next-Generation Firewall or Panorama™ management server web interface. This allows you to strength your security posture immediately without introducing new known issues or changed to default behaviors that may come with installing a new PAN-OS version.

Tags allows you the ability to visually group your policy rulebase. PAN-OS 10.2.5 introduces the Tag Browser which allows you to manage your policy rulebase using the applied tags, and thereby simplifies policy rulebase management.

Firewalls and Panorama management servers now validate software upgrades before you install them. This allows more steps to be completed prior to the software installation, which speeds up software upgrades and increases confidence in the upgrade process. For example, prior to downloading the target release, the appliance displays any required software, including intermediate software versions and content dependencies, which you can download along with the target release in one step. You can also use an SCP server as a download source and view a history of software upgrades.

The Strata Cloud Manager Command Center is your new NetSec homepage; it is your first stop to assess the health, security, and efficiency of your network. In a single view, the command center shows you all users and IoT devices accessing the internet, SaaS applications, and private apps, and how Prisma Access, your NGFWs, and your security services are protecting them.

The command center provides you with four different views, each with its own tracked data, metrics, and actionable insights to examine and interact with:

• Summary: A high-level look at all your network and security infrastructure. Monitor the traffic between your sources (users, IoT) and applications (private, SaaS), and see metrics onboarded security subscriptions.
• Threats: Dig deeper into anomalies on your network and block threats that are impacting your users. Review the traffic inspected on your network and see how threats are being detected and blocked around the clock by your Cloud-Delivered Security subscriptions.
• Operational Health: Review incidents of degraded user experience on your network and see root-cause analysis of the issues and remediation recommendations.
• Data Security: Find high-risk sensitive data and update data profiles to further secure your network. Review the sensitive data flow across your network and SaaS applications.

When the command center surfaces an issue through one of these views that you should address or investigate (an anomaly, a security gap, a degraded user experience, something that impacts the security and health of your network), it provides a path to where you can take actions to further secure your network.

The Panorama web interface now displays the preferred releases and the corresponding base releases of PAN-OS software. Before you upgrade or downgrade Panorama or PAN-OS, you can view the list of preferred and base releases and choose your preferred target PAN-OS release. Preferred releases offer the latest and the most advanced features and ensure stability and performance. When there are no preferred releases available, the corresponding base version is not displayed. If necessary, you can choose to view either preferred releases or base releases.