Managed Firewall Information
Select PanoramaManaged Devices to display the following information for each managed firewall.
Managed Firewall Information
Displays the name of the Panorama > VMware NSX in which the firewall is a member. By default, this column is hidden, though you can display it by selecting the drop-down in any column header and selecting ColumnsDevice Group.
Regardless of whether the column is visible, the page displays firewalls in clusters according to their device group. Each cluster has a header row that displays the device group name, the total number of assigned firewalls, the number of connected firewalls, and the device group path in the hierarchy. For example, Datacenter (2/4 Devices Connected): SharedEuropeDatacenter would indicate that a device group named Datacenter has four member firewalls (two of which are connected) and is a child of a device group named Europe. You can collapse or expand any device group to hide or display its firewalls.
Displays the hostname or serial number of the firewall.
For the VM-Series NSX edition firewall, the firewall name appends the hostname of the ESXi host. For example, PA-VM: Host-NY5105
Lists the virtual systems available on a firewall that is in Multiple Virtual Systems mode.
Displays the tags defined for each firewall/virtual system.
Displays the serial number of the firewall.
Displays the IP address of the firewall/virtual system.
Displays the template or template stack to which the firewall is assigned.
Device State—Indicates the state of the connection between Panorama and the firewall: Connected or Disconnected.
A VM-Series firewall can have two additional states:
HA Status—Indicates whether the firewall is:
Shared Policy—Indicates whether the policy and object configurations on the firewall are synchronized with Panorama.
Template—Indicates whether the network and device configurations on the firewall are synchronized with Panorama.
Certificate—Indicates the managed device’s client certificate status.
Last Commit State—Indicates whether the last commit failed or succeeded on the firewall.
Software Version | Apps and Threat | Antivirus | URL Filtering | GlobalProtect™ Client | WildFire
Displays the software and content versions that are currently installed on the firewall. For details, see Firewall Software and Content Updates.
On each firewall commit, PAN-OS automatically sends a firewall configuration backup to Panorama. Click Manage to view the available configuration backups and optionally load one. For details, see Firewall Backups.
Configure a Certificate Profile
Configure a Certificate Profile Certificate profiles define user and device authentication for Captive Portal, GlobalProtect, site-to-site IPSec VPN, Mobile Security Manager, and web interface access ...
Device > Certificate Management > Certificate Profile
Device > Certificate Management > Certificate Profile Device > Certificate Management > Certificate Profile Panorama > Certificate Management > Certificate Profiles Certificate profiles define which ...
Certificate Revocation Palo Alto Networks firewalls and Panorama use digital certificates to ensure trust between parties in a secure communication session. Configuring a firewall or ...
Manage Firewall Licenses
Manage Firewall Licenses Panorama > Device Deployment > Licenses Select Panorama Device Deployment Licenses to perform the following tasks: Update licenses of firewalls that don’t ...
Deactivate VM When you no longer need a BYOL instance of the VM-Series firewall, you can free up all active licenses—subscription licenses, VM-Capacity licenses, and ...
Renew a Certificate
Renew a Certificate If a certificate expires, or soon will, you can reset the validity period. If an external certificate authority (CA) signed the certificate ...
Enable Communication Between the NSX Manager and Panorama
Enable Communication Between the NSX Manager and Panorama To automate the provisioning of the VM-Series firewall for NSX, enable communication between the NSX Manager and ...
Set Up Verification for Certificate Revocation Status
Set Up Verification for Certificate Revocation Status To verify the revocation status of certificates, the firewall uses Online Certificate Status Protocol (OCSP) and/or certificate revocation ...
Configure Revocation Status Verification of Certificates Us...
Configure Revocation Status Verification of Certificates Used for SSL/TLS Decryption The firewall decrypts inbound and outbound SSL/TLS traffic to apply security rules and rules, then ...