Enhanced Authentication for Dedicated Log Collectors and
Create enhanced authentication for Dedicated Log Collectors
and WildFire appliances to address authentication security gaps.
Bridge the security gap in your infrastructure
for Dedicated Log Collector (
and WildFire (
deployments by leveraging enhanced authentication for your appliances.
10.0 introduces the ability to create multiple
local administrators with granular authentication parameters, as
well as leverage LDAP, RADIUS, or TACACS+ for remote authorization
and authentication from the Panorama™ management server. Local administrators
are configured directly on the CLI of the Dedicated Log Collector
and WildFire appliances. Pushing new configuration changes to a
Dedicated Log Collector or WildFire appliance overwrites existing
local administrators with the administrators configured for the
Dedicated Log Collector.
This example shows how to configure
the authentication for a Dedicated Log Collector.
before a user is locked out of the Dedicated Log Collector CLI.
, in minutes,
for which the Dedicated Log Collector locks out a user account after that
user reaches the configured number of
, in minutes,
before the user account is automatically logged out due to inactivity.
Max Session Count
how many user accounts can simultaneously access the Dedicated Log
Max Session Time
can be logged in before being automatically logged out.
Add the Dedicated Log Collector administrators.
You must add the administrator (
as either a local administrator or as an imported Panorama administrator—but
not both. The push to managed firewalls fails if an administrator
is not added or if the administrator is added as both a local administrator
and as an imported Panorama administrator.
configure new administrators unique to the Dedicated Log Collector.
These administrators are specific to the Dedicated Log Collectors
for which they are created and you manage these administrators from
any administrators configured on
Panorama. These administrators are created on Panorama and imported
to the Dedicated Log Collector.
to save the Dedicated
Log Collector authentication configuration.