Authentication Features

PAN-OS 8.1 provides new authentication features: Extensible Authentication Protocol (EAP) Support for RADIUS and Authentication Using Custom Certificates for WildFire™ and PAN-DB.
New Authentication FeatureDescription
EAP Support for RADIUSTo securely transport credentials between the firewall and the RADIUS server without having to create IPSec tunnels, you can now use one of three Extensible Authentication Protocol (EAP) methods: PEAP-MSCHAPv2, PEAP with GTC, and EAP-TTLS with PAP. You can use this feature for GlobalProtect and Captive Portal authentication and for administrative access to the firewall and Panorama. For more information, refer to the New Features Guide.
Authentication Using Custom Certificates for WildFire and PAN-DBYou can now deploy custom certificates to replace the predefined certificates shipped on Palo Alto Networks appliances for management connections between WildFire or PAN-DB appliances and other products in the Palo Alto Networks next-gen security platform. By generating and deploying custom certificates for each appliance, you can establish a unique chain of trust between WildFire and PAN-DB and connected Palo Alto Networks appliances. You can generate these custom certificates locally or import them from an existing enterprise public key infrastructure (PKI).

Related Documentation