Settings to Enable VM Information Sources for Google Compute
Enable monitoring of GCE instances to consistently enforce policy for workloads.
VM Information Sources
The following table describes the settings you need to configure to enable VM Information Sources for Google Compute Engine instances on Google Cloud Platform. Enable monitoring of Google Compute Engine (GCE) instances to allow the firewall (physical or virtual on-premise, or running in Google Cloud) to retrieve tag, label, and other metadata about the instances running in a particular Google Cloud zone of the specified project. For information on the VM-Series on Google Cloud Platform, refer to the VM-Series Deployment Guide.
Settings to Enable VM Information Sources for Google Compute Engine
Enter a name to identify the monitored source (up to 31 characters). The name is case-sensitive, must be unique, and can contain only letters, numbers, spaces, hyphens, and underscores.
Google Compute Engine.
Optional) Add a label to identify the location or function of the source.
The communication between the firewall and the configured source is enabled by default.
The connection status between the monitored source and the firewall displays in the interface as follows:
When you disable communication, all the registered IP address and tags are removed from the associated dynamic address group. This means that policy rules will not apply to the GCE instances from this Google Cloud Project.
Enabledoption to disable communication between the configured source and the firewall.
Service Authentication Type
Select VM-Series running on GCE or Service Account.
Service Account Credential
Only for Service Account) Upload the JSON file with the credentials for the service account. This file allows the firewall to authenticate to the instance and authorizes access to the metadata.
You can create an account on the Google Cloud console (
). Refer to the Google documentation for information on how to create an account, add a key to it, and download the JSON file that you need to upload to the firewall.
IAM & admin
Enter the alphanumeric text string that uniquely identifies the Google Cloud Project that you want to monitor.
Enter the zone information as a string of up to 63 characters in length. For example:
Specify the interval (in seconds) at which the firewall retrieves information from the source (range is 60 to 1,200; default is 60).
The interval (in hours) after which the connection to the monitored source is closed if the host does not respond (default is 2).
Enable timeout when the source is disconnected. When the specified limit is reached, if the source is inaccessible or does not respond, the firewall will close the connection to the source. When the source is disconnected, all the IP addresses and tags that were registered from this project are removed from the dynamic address group.
VM-Series Firewall on Google Cloud Platform
Deploy the VM-Series firewall from Google Cloud Platform Marketplace, enable Google Stackdriver monitoring, and enable VM-Series firewalls to monitoring Google Compute Engine instances. ...
Set Up the VM-Series Firewall on Google Cloud Platform
Deploy the VM-Series Firewall on a Google Cloud Engine instance. ...
Enable VM Monitoring to Track VM Changes on Google Cloud Platform
Enable VM Monitoring to Track VM Changes on Google Cloud Platform (GCP) You can enable any firewall running a compatible version of PAN-OS (virtual or ...
About the VM-Series Firewall on Google Cloud Platform
Prepare to deploy a VM-Series firewall on a Google® Compute Engine instance. ...
Enable Google Stackdriver Monitoring on the VM Series Firewall
Monitor PAN-OS metrics from Google® Stackdriver. Understand what you can accomplish with your project’s default service account, compared to a user’s service account. ...
Device > VM Information Sources
Device > VM Information Sources Use this tab to proactively track changes on the Virtual Machines (VMs) deployed on any of these sources—VMware ESXi server, ...
Prepare to Set Up the VM-Series Firewall on Google Public Cloud
Prepare to set up a VM-Series firewall on Google Cloud Platform, configure your Google accounts access (including the SSH key pair), plan VPC networks, and ...
Attributes Monitored in the AWS and VMware Environments
Learn about the attributes monitored on ESXi instances. ...
Secure Kubernetes Services in a Google Kubernetes Engine Cluster
To secure north-south traffic for k8s, deploy the VM-Series firewalls in an instance group and configure the GCP plugin on Panorama to learn the internet-facing ...