Next-Generation Firewalls for Zero Touch Provisioning
Expand all | Collapse all
Next-Generation Firewalls for Zero Touch Provisioning
Leverage Zero Touch Provisioning (ZTP) to automate the
on-boarding of new firewalls to the Panorama™ management server.
Zero Touch Provisioning (ZTP)
is designed to simplify and automate the on-boarding of new firewalls
to the Panorama™ management server. ZTP streamlines the initial
firewall deployment process by allowing network administrators to
ship managed firewalls directly to their branches and automatically
add the firewall to the Panorama™ management server after the ZTP
firewall successfully connects to the Palo Alto Networks ZTP service.
This allows businesses to save on time and resources when deploying
new firewalls at branch locations by removing the need for IT administrators
to manually provision the new managed firewall. After successful on-boarding,
Panorama provides the means to configure and manage your ZTP configuration
and firewalls.
ZTP is supported on the following ZTP firewalls
running PAN-OS 9.1.3 and later releases:
PA-220-ZTP
and PA-220R-ZTP
PA-820-ZTP and PA-850-ZTP
PA-3220-ZTP, PA-3250-ZTP, and PA-3260-ZTP
Select to
Download
and
Install
the
most recent version of the
ztp
plugin.
Register Panorama with the ZTP service.
Select and
edit the
General
ZTP settings.
Enter the
Panorama FQDN or IP Address
.
(
HA only
) Enter the
Peer FQDN
or IP Address
.
Click
OK
to save your configuration
changes.
Create the default device group and template to automatically
generate the required configuration to connect your ZTP firewalls
to Panorama.
Add Device Group and Template
.
Enter the
Device Group
name.
Click
OK
to save your configuration
changes.
Select
Commit
and
Commit
to Panorama
.
Select and
Sync
to ZTP Service
.
Configure the ZTP installer administrator account.
Select and
Add
a
new admin user.
Enter a
Name
and
Password
for
the ZTP installer admin.
For the
Administrator Type
,
select
Custom Panorama Admin
.
For the
Profile
, select
installeradmin
.
Click
OK
to save your configuration
changes.
Select
Commit
and
Commit
to Panorama
.
Add ZTP firewalls to Panorama.
Select and
Add
a
new ZTP firewall.
Enter the
Serial Number
of
the ZTP firewall.
Enter the
Claim Key
for the
ZTP firewall.
Click
OK
to save your configuration
changes.
Select and
Register
the newly
added ZTP firewall.
When prompted, click
Yes
to
confirm registering the ZTP firewall.