About Panorama Interconnect

Overview of the Panorama™ Interconnect plugin.
When you have homogeneous configurations across a large number of firewalls that exceed the management capacity of a single Panorama instance, or if you have deployed multiple Panorama™ management servers, you can use the Interconnect plugin on Panorama to reduce the operational burden. The Interconnect plugin allows you to set up a Panorama Controller that manages up to 64 Panorama Nodes, so that you can streamline common configuration and policies across Panorama appliances and the managed firewalls on your network. For example, you can set up the Panorama Controller as the central point for managing both the Panorama specific configuration such as admin roles on the Panorama Nodes, and all the common template stack and device group configurations that you push to the Panorama Nodes for managing all the firewalls. The following figure illustrates the Panorama Interconnect hierarchy, where the Panorama Controller manages multiple Panorama Nodes, which in turn manage multiple devices.
The following figure displays an example of a Panorama Interconnect
page for a Panorama Controller and a Panorama Node once they have been successfully configured.
The following tasks must be completed to set up the Panorama Interconnect plugin:
Review the Panorama Interconnect Requirements
The Panorama management servers and firewalls must meet the system requirements and certifcate requirements to successfully deploy Panorama Interconnect.
This includes installing and activating licenses, and registering the Panorama management server.
Enable authentication between the Panorama Controller and Nodes
Generate or import a Certificate Authority, generate certificates for the Panorama Node, and create a certificate profile to secure communication between the Panorama Controller and Panorama Nodes.
Importing the CA certificate and Panorama Node certificate to the Panorama Node is required to successfully connect it to the Panorama Controller.
Download, install, and set up the Panorama Interconnect plugin on the Panorama Controller and Panorama Nodes.
Prepare the Panorama Controller to Push Configuration to the Managed Firewalls
On the Panorama Controller, add a device group and configure a template stack to configure policy rules, objects, and settings to enable the firewalls to operate on the network.
Push the Panorama-specific configuration, as well as the template stack and device group configurations, from the Panorama Controller to the Panorama Nodes.
Add one or more firewalls and push the synchronized configuration from the Panorama Node to the managed devices.

Recommended For You