Panorama Features

What new Panorama™ management server features are in PAN-OS 10.1?
New Panorama Feature
Authentication Key for Secure Onboarding
To strengthen the security of onboarding new firewalls, Log Collectors, and WildFire appliances running PAN-OS 10.1.0 and later releases, a device registration authentication key is required for mutual authentication between the Panorama management server and the firewall, Log Collector, or WildFire appliance on first connection. Each device registration authentication key configured on Panorama is unique and allows for customizable parameters such as the key lifetime and the number of times the key can be used before it becomes invalid.
Optimization for Deploying Changes to Multiple Virtual Systems of the Same Firewall
In PAN-OS 10.1, a configuration push to multiple virtual systems of the same managed firewall running PAN-OS 10.1 are combined into a single commit operation on the firewall regardless of how many device groups the virtual systems are a part of. This optimization dramatically reduces the time required to deploy device group configuration changes to multiple virtual systems of a mutli-vsys firewall managed by Panorama.
Scheduled Configuration Push to Managed Firewalls
In PAN-OS 10.1, you can now schedule configuration pushes to ease your operational overhead for any size deployment irrespective of location and maintenance window times. For example, scheduling your configuration pushes improves the efficiency of operations during short maintenance windows by eliminating human delays as well as speeding up change deployments to multi-vsys firewalls (with the optimization for multiple virtual systems as described next). The flexibility of scheduled configuration pushes allow you to create a one-time push or schedule recurring pushes to provide you with an automated way to deploy routine or pre-approved changes to your managed firewalls.
Unique Master Key for a Managed Firewall
Configure a unique master key for each firewall managed by the Panorama management server to ensure the configuration security of each firewall and ease the operational burden of updating the managed firewall master key. Configuring a unique master key for each managed firewall limits exposure if a master key is compromised.

Recommended For You