Dedicated Log Collectors and WildFire appliances now support multiple local admins with granular authentication parameters, as well as remote authentication and authorization leveraging LDAP, RADIUS, or TACACS+ to enable central user management and ensure audit compliance. You can create and manage Log Collector and WildFire admins from the Panorama management server.

You can now automate content updates for firewalls in an air-gapped network (where Panorama and the firewall are not connected to the internet) to reduce the operational burden and maintain an up-to-date security posture. Now, you can deploy a Panorama server to automatically download content updates from the Palo Alto Networks Update server and export them to an SCP server. On a configured schedule, the air-gapped Panorama retrieves the packages from the SCP server to install on firewalls.

The Panorama management server now supports increased configuration size for the M-Series and Panorama virtual appliances without performance impact to tasks such as configuration changes, commits, and pushes to managed firewalls.

Forwarding logs over the management interface can result in loss of logs and impact performance of management tasks due to insufficient bandwidth. Now, you can forward all PAN-OS logs to an external syslog server over an Ethernet interface on the Panorama management server and Dedicated Log Collector.

IT administrators managing multiple unrelated tenants from a single Panorama can now create Device Group and Template (DG&T) admins with better visibility and control of managed firewalls in their access domains. DG&T admins in multi-tenant environments can now perform essential day-to-day tasks related to firewall management in their access domain.

Log Collectors now cache results from previous search queries to reduce the time it takes for the Panorama management server to return results. For example, if you run a custom on-demand report for the last 7 days, and then run a query using identical parameters for the last 24 hours, Panorama utilizes the cached results from the first query to return results faster.

You can now view log collector queries to monitor bottlenecks in your deployment. If your log collectors are experiencing impacted performance, you can query all jobs or a specific job ID to better understand why your log query is experiencing issues.

To improve the accuracy of scheduled reports, you can now configure the minimum and maximum key limits Panorama utilizes to generate reports. By increasing the number of keys, Panorama can aggregate, sort, and group larger sets of data to generate more accurate report results.