: Configure Appliance-to-Appliance Encryption Using Predefined Certificates Centrally on Panorama
Focus
Focus

Configure Appliance-to-Appliance Encryption Using Predefined Certificates Centrally on Panorama

Table of Contents
End-of-Life (EoL)

Configure Appliance-to-Appliance Encryption Using Predefined Certificates Centrally on Panorama

  1. Upgrade each managed WildFire appliance to PAN-OS 8.1.x. All managed appliances must be running PAN-OS 8.1 or later to enable appliance-to-appliance encryption.
  2. Verify that your WildFire appliance cluster has been properly configured and is operating in a healthy state.
  3. On Panorama, select Panorama > Managed WildFire Clusters > WF_cluster_name> Communication.
  4. Enable Secure Cluster Communication.
  5. (Recommended) Enable HA Traffic Encryption. This optional setting encrypts the HA traffic between the HA pair and is a Palo Alto Networks recommended best practice.
    HA Traffic Encryption cannot be disabled when operating in FIPS/CC mode.
  6. Click OK to save the WildFire Cluster settings.
  7. Commit your changes.