About Panorama Interconnect
Table of Contents
About Panorama Interconnect
Overview of the Panorama™ Interconnect plugin.
When you have homogeneous configurations across a large
number of firewalls that exceed the management capacity of a single
Panorama instance, or if you have deployed multiple Panorama™ management
servers, you can use the Interconnect plugin on Panorama to reduce
the operational burden. The Interconnect plugin allows you to set
up a Panorama Controller that manages up to 64 Panorama Nodes, so
that you can streamline common configuration and policies across
Panorama appliances and the managed firewalls on your network. For
example, you can set up the Panorama Controller as the central point
for managing both the Panorama specific configuration such as admin
roles on the Panorama Nodes, and all the common template stack and
device group configurations that you push to the Panorama Nodes
for managing all the firewalls. The following figure illustrates
the Panorama Interconnect hierarchy, where the Panorama Controller
manages multiple Panorama Nodes, which in turn manage multiple devices.
The following figure displays an example of a Panorama Interconnect Setup page for
a Panorama Controller and a Panorama Node once they have been successfully configured.
The following tasks must be completed to set up the Panorama
Interconnect plugin:
Task | Details |
|---|---|
Review the Panorama Interconnect Requirements | The Panorama management servers and firewalls
must meet the system requirements and certifcate requirements to
successfully deploy Panorama Interconnect. This includes installing
and activating licenses, and registering the Panorama management server. |
Enable authentication between the Panorama Controller
and Nodes | Generate or import
a Certificate Authority, generate certificates
for the Panorama Node, and create a certificate
profile to secure communication between the Panorama Controller
and Panorama Nodes. Importing the CA certificate and Panorama Node
certificate to the Panorama Node is required to successfully connect
it to the Panorama Controller. |
Download, install, and set up the Panorama Interconnect
plugin on the Panorama Controller and Panorama Nodes. | |
Prepare the Panorama Controller to Push Configuration
to the Managed Firewalls | On the Panorama Controller, add a device group and configure a template stack to configure policy rules, objects, and settings to enable the firewalls to operate on the network. |
Push the Panorama-specific configuration,
as well as the template stack and device group configurations, from
the Panorama Controller to the Panorama Nodes. | |
Add one or more firewalls and push the synchronized
configuration from the Panorama Node to the managed devices. |