Deploy Panorama Virtual Appliances in Legacy Mode with Local Log Collection

The following figure illustrates Panorama in a centralized log collection deployment. In this example, the Panorama management server comprises two Panorama virtual appliances in Legacy mode that are deployed in an active/passive high availability (HA) configuration. This configuration suits firewall management within a VMware virtual infrastructure in which Panorama processes up to 10,000 logs/second. The firewalls send logs to the NFS datastore (ESXi server only) or virtual disk on the Panorama management server. By default, the active and passive peers both receive logs, though you can Modify Log Forwarding and Buffering Defaults so that only the active peer does. For the 5200 and 7000 series firewalls, only the active peer receive logs. By default, the Panorama virtual appliance in Legacy mode uses approximately 11GB on its internal disk partition for log storage, though you can Expand Log Storage Capacity on the Panorama Virtual Appliance if necessary.
If the logging rate increases beyond 10,000 logs per second, it is recommended that you Deploy Panorama with Dedicated Log Collectors.
Panorama Virtual Appliances in Legacy Mode with Local Log Collection
Log_Collection_VAs_No_LCs.png
Perform the following steps to deploy Panorama virtual appliances with local log collection. Skip any steps you have already performed (for example, the initial setup).
  1. Perform the initial setup of each Panorama virtual appliance.
    1. Install the Panorama Virtual Appliance. To ensure the virtual appliance starts in Panorama mode, do not add a virtual logging disk during installation.
      By default, Panorama uses an 11GB partition on its system disk for log storage. If you want more storage, you can add a dedicated virtual logging disk of up to 8TB after the installation.
    2. Perform Initial Configuration of the Panorama Virtual Appliance.
    3. Register Panorama and Install Licenses.
    4. Install Content and Software Updates for Panorama.
  2. Set up the Panorama virtual appliances in an HA configuration.
    1. Set Up HA on Panorama.
    2. Test Panorama HA Failover.
  3. Perform the following steps to prepare Panorama for log collection.
    1. Add a Firewall as a Managed Device for each one that will forward logs to Panorama.
    2. Configure Log Forwarding to Panorama.
  4. Commit your changes.
    Select CommitCommit to Panorama and Commit your changes.

Related Documentation