>
    Quantum Readiness for Strata Cloud Manager
    Focus
    Download PDF
    Focus
    1. Home
    2. Network Security
    3. Quantum Readiness for Strata Cloud Manager
    Download PDF
    Network Security

    Quantum Readiness for Strata Cloud Manager

    Table of Contents

    Quantum Readiness for Strata Cloud Manager

    Assess cryptography adoption of post-quantum secure ciphers in software and hardware across Users, NGFWs, and Applications for your whole network.
    Where Can I Use This?What Do I Need?
    • NGFW (Managed by Panorama or Strata Cloud Manager)
    • Strata Cloud Manager Pro license
    • IoT Security license (for IoT data in the Command Center)
    • NGFWs:
      • Telemetry Enabled for Strata Cloud Manager (A minimum of PAN-OS version 10.0 or above is required to share telemetry and logs with Strata Logging Service for cryptography insights)

    What Is Quantum Readiness?

    Quantum Readiness provides a comprehensive view into your organizations cryptographic posture. Quantum Readiness provides the following information:
    • Visibility and insights into your organization's cryptography.
    • Quantum ready devices and services across the users and applications on your network.
    • Remediation recommendations for how to ensure your NGFWs are quantum ready.
    With insights into Secure, Weak, and Vulnerable cryptography used in sessions across users, NGFWs, and applications, this view supports the initial planning stage for the multiyear cryptography migration process that will keep your network secure against current and future quantum-enabled threats. With this view, you will gain essential visibility into post-quantum cryptography (PQC) support and track your progress toward quantum readiness goals.

    What Is Quantum Cryptography

    Quantum cryptography refers to cryptographic systems that are secure against attacks from quantum computers. Traditional cryptographic methods, like RSA and ECC, rely on the computational difficulty of certain mathematical problems that classical computers can't solve efficiently. However, quantum computers, using principles of quantum mechanics, can potentially break these traditional cryptographic methods.

    Why Is Visibility into Quantum Security Posture Needed?

    As technology progresses, the data on your network utilizing traditional cryptographic methods becomes more vulnerable. Because of these vulnerabilities, there are several reasons to adopt Quantum Cryptography and start utilizing the new Quantum Readiness features:
    • Federal agencies and their vendors must comply with annual cryptographic assessment requirements starting May 2023-2035.
    • Specifically identifies vulnerable cryptography across your entire network, providing clear visibility into quantum-vulnerable implementations that could expose sensitive data to harvest now, decrypt later attacks.
    • Comprehensive network visibility across firewalls, applications, and endpoints, offering integrated remediation guidance rather than just detection.
    • Combines deep security expertise with a forward-looking roadmap aligned with NIST standards.
    • Transforms a complex cryptographic migration challenge into a manageable, structured process that protects your organization today and against future quantum threats.

    Get Started with Quantum Readiness

    Quantum Readiness integrates with existing views and dashboards already in Strata Cloud Manager. A high-level overview of your organization’s Quantum Readiness is in the Command Center. Enable Quantum Readiness through the Command Center by opening the settings panel (
    ) and selecting Quantum Readiness View.
    When enabled, the Quantum Readiness view will highlight your cryptographic posture as:
    • Secure - NIST and FIPS approved quantum safe algorithms.
    • Weak - NIST algorithms at Quantum risk.
    • Vulnerable - NIST IETF deprecated algorithms and protocols.

    Sources

    The sources in the Command Center show you active IoT devices, users, and hosts on your network. Once enabled, you can see the number of quantum-secure devices on your network, as well as post-quantum cryptography (PQC) or “Quantum Safe” sessions.
    Gain insights into the quantum readiness of user devices enabled with Prisma Agent and Prisma Browser based on the software version adoption. Additionally, get insights into all PQC key exchanges negotiated in SSL/TLS sessions across all user devices, such as agnostic browsers and agents.

    Security Infrastructure

    Security Infrastructure shows your Prisma Access and NGFW deployments. When Quantum Readiness is enabled, you can see which of your devices is “Quantum Ready” or meeting federal quantum security mandates.
    Gain insights into the quantum readiness of your Palo Alto Networks Next-Generation Firewalls (NGFWs) and Prisma Access deployments. For NGFWs, view recommendations for quantum readiness capabilities based on adoption across hardware models and software versions.

    Applications

    Apps show the most used internet, SaaS, and private applications used on your network. When Quantum Readiness is enabled, you can see the Quantum Status of individual applications and whether they are Secure or Vulnerable to quantum computing attacks.
    Gain insights into the ciphers negotiated by sanctioned, unsanctioned, and tolerated internet, SaaS, and private applications based on the key exchange mechanisms observed in their SSL sessions.

    Quantum Readiness Widgets

    Each view of the Command Center has insightful widgets that surface important metrics related to your network's security. When Quantum Readiness is enabled, these widgets are updated with PQC metrics as well.
    WidgetDescription
    Total sessions
    The Total Sessions widget gives you a view into the total count of open sessions on your network, breaking them down into Quantum Secure, Quantum Weak, and Vulnerable sessions, and showing the trends of for each over the data range period.
    NGFW Quantum Readiness
    The NGFW Quantum Readiness widget gives you a view into the PQC status of all Strata Cloud managed firewalls.
    Clicking through the widget brings you to the NGFW List dashboard.
    Quantum Adoption
    The Quantum Adoption widget gives you a view into all PQC secure sessions over a given period, allowing you to keep track of your organizations post-quantum cryptography adoption.

    Quantum Readiness Prerequisites

    To effectively utilize the Quantum Readiness view, ensure the following prerequisites:

    Quantum Readiness Use Cases

    To start utilizing Quantum Readiness in Strata Cloud Manager, follow these example workflows.

    Assess Your PQC Posture

    1. Log into Strata Cloud Manager.
    2. While in the Command Center, enable the Quantum Readiness View.
      1. Open the Command Center settings panel (
        ).
      2. Select Quantum Readiness View.
    3. (Optional) Adjust the time range to analyze trends and current posture over different durations. Available options include: 1 hour, 3 hours, 24 hours, 7 days, or 30 days.
    4. Review the PQC posture of your network.
      Each node displays an aggregate cryptographic posture, representing the total secure sessions for that category.
      1. Hover over the data streams for breakdowns of session security.
      2. Select sources to see the breakdown of quantum-secure users and user devices.
        Prisma Access Browser supports PQC and devices utilizing it are Secure. Prisma Access Agent does not currently support PQC and devices utilizing it are Vulnerable.
      3. Select applications to see the breakdown of quantum-secure applications.
      4. Select the NGFWs to see the breakdown of quantum-ready devices.
        If an NGFW is identified as Generation 3 or below, it's not quantum supported. A hardware refresh to Generation 4 or above is recommended to support PQC libraries.
        For quantum-supported hardware, ensure the PAN-OS version is at least 11.2 (for PQC VPN) or 12.1 (for PQC SSL) to enable quantum readiness from a software perspective.

    © 2025 Palo Alto Networks, Inc. All rights reserved.