Panorama Virtual Appliance and Virtual Dedicated Log Collector
on Google Cloud Platform
How to deploy a Panorama™ virtual appliance and virtual Dedicated Log Collector on Google® Cloud Platform (GCP™).
You can now deploy Panorama™ and a Dedicated Log Collector on Google® Cloud Platform (GCP™). The Panorama virtual appliance on GCP supports all deployment modes (Panorama, Log Collector, and Management Only) and each mode shares the same processes and functionality as its M-Series counterpart. Refer to Panorama Models for more information on Panorama modes. Panorama virtual appliance and virtual Dedicated Log Collector on GCP is available only on PAN-OS 8.1.1 and later releases.
For more information, see Install Panorama on Google Cloud Platform.
- Download the Panorama virtual appliance image.
- Log in to the Palo Alto Networks Support Portal.
- Selectand filter byUpdatesSoftware UpdatesPanorama Base Images.
- Download the latest version of the Panorama on GCPtar.gzimage.
- Upload the Panorama virtual appliance image to the Google Cloud Platform.
- Log in to the Google Cloud Console.
- From theProducts and Servicesmenu, selectStorage.
- ClickCreate Bucket, configure the new storage bucket and clickCreate.
- Select the storage bucket you created in the previous step, clickUpload files, and select the Panorama virtual appliance image you downloaded.
- From theProducts and Servicesmenu, select.Compute EngineImages
- ClickCreate Imageand create the Panorama virtual appliance image:
- Namethe Panorama virtual appliance image.
- In theSourcefield, selectCloud Storage filefrom the drop-down menu.
- ClickBrowseand navigate to the storage bucket where you uploaded the Panorama virtual appliance image, andSelectthe uploaded image.
- Createthe Panorama virtual appliance image.
- Configure the Panorama virtual appliance.
- From theProducts and Servicesmenu and select theCompute Engine.
- ClickCreate Instanceto begin deploying the Panorama virtual appliance.
- Add a descriptiveNameto easily identify the Panorama virtual appliance.
- Select theZonewhere you want to deploy the Panorama virtual appliance.
- Allocate theMachine TypeCPU cores and memory. Refer to the Setup Prerequisites for the Panorama Virtual Appliance for minimum resource requirements.
- For theBoot Disk, click, select the Panorama image file you uploaded in Step 2, and clickChangeCustom imageSelect.
- UnderIdentity and API access,Allow full access to all Cloud APIs.
- UnderFirewall,Allow HTTPS traffic.
- Enable management access to the Panorama virtual appliance.
- ExpandManagement, disks, networking SSH keys.
- Enable access to the serial port so you can manage the Panorama virtual appliance.
- Configure the management interface on the Panorama virtual appliance.The Panorama virtual appliance on GCP supports a single management interface; ou must use this interface for log collection and device management.
- Configure the SSH key. You need an SSH key to access the Panorama virtual appliance CLI to configure the administrative user password after initial deployment.
- (Panorama and Log Collector mode) Add additional storage for log collection. Repeat this step as needed to add additional virtual logging disks.If you intend to use the Panorama virtual appliance in Panorama mode or as a Dedicated Log Collector, add the virtual logging disks during the initial deployment. By default, the Panorama virtual appliance is in Panorama mode for the initial deployment when you meet the Panorama mode resource requirements and you have added at least one virtual logging disk. Otherwise, the Panorama virtual appliance defaults to Management Only mode. Change the Panorama virtual appliance to Management Only mode if you need to only manage devices and Dedicated Log Collectors and you don’t need to collect logs locally.The Panorama virtual appliance on GCP supports only 2TB logging disks and, in total, supports up to 24TB of log storage. You cannot add a logging disk smaller than 2TB or a logging disk with a size that is not evenly divisible by the 2TB logging disk requirement because the Panorama virtual appliance partitions logging disks larger than 2TB into 2TB partitions.
- Create(deploy) the Panorama virtual appliance. The Panorama virtual appliances takes approximately 10 minutes to boot up after initial deployment.
- Configure a new administrative password for the Panorama virtual appliance.Use a private key to access the CLI and configure a unique administrative password so that you can access the web interface of the Panorama virtual appliance.
- Activate the licenses on the Panorama virtual appliance.
- Finish configuring the Panorama virtual appliance for your deployment needs.
- (Log Collector mode) Skip to Step 6 to set up the Panorama virtual appliance as a Log Collector.When configuring the Management interface in Step 9, enter thePublic IP Addressof the Dedicated Log Collector. You cannot specifyIP Address,Netmask, orGateway.