Check the boxes of the device groups that
must be notified of additions or modifications to the virtual machines
deployed on the network.
As new virtual machines are provisioned
or existing machines are modified, the changes in the virtual network
are provided as updates to Panorama. When configured to do so, Panorama populates
and updates the dynamic address objects referenced in policy rules
so that the firewalls in the specified device groups receive changes
to the registered IP addresses in the dynamic address groups.
To
enable notification, make sure to select every device group to which
you want to enable notification. If you are not able to select a
device group (no check box available), it means that the device
group is automatically included by virtue of the device group hierarchy.
This
notification process creates context awareness and maintains application
security on the network. If, for example, you have a group of hardware-based
perimeter firewalls that must be notified when a new application
or web server is deployed, this process initiates an automatic refresh
of the dynamic address groups for the specified device group. And
all policy rules that reference the dynamic address object now automatically
include any newly deployed or modified application or web servers
and can be securely enabled based on your criteria.