What’s New in Panorama Plugin for VMware NSX 3.2.0
Table of Contents
Expand all | Collapse all
-
-
-
-
-
- Features Introduced in Enterprise Data Loss Prevention 4.0.2
- Known Issues in Enterprise DLP Plugin 4.0.2
- Features Introduced in Enterprise Data Loss Prevention 4.0.1
- Known Issues in Enterprise DLP Plugin 4.0.1
- Features Introduced in Enterprise Data Loss Prevention 4.0.0
- Known Issues in Enterprise DLP Plugin 4.0.0
-
- Features Introduced in Enterprise Data Loss Prevention 3.0.8
- Features Introduced in Enterprise Data Loss Prevention 3.0.7
- Features Introduced in Enterprise Data Loss Prevention 3.0.6
- Features Introduced in Enterprise Data Loss Prevention 3.0.5
- Features Introduced in Enterprise Data Loss Prevention 3.0.4
- Features Introduced in Enterprise Data Loss Prevention 3.0.3
- Features Introduced in Enterprise Data Loss Prevention 3.0.2
- Features Introduced in Enterprise Data Loss Prevention 3.0.1
- Features Introduced in Enterprise Data Loss Prevention 3.0.0
- Known Issues in Enterprise Data Loss Prevention 3.0.8
- Known Issues in Enterprise Data Loss Prevention 3.0.7
- Known Issues in Enterprise Data Loss Prevention 3.0.6
- Known Issues in Enterprise Data Loss Prevention 3.0.5
- Known Issues in Enterprise Data Loss Prevention 3.0.4
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 3.0.3
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 3.0.0
-
- Features Introduced in Enterprise Data Loss Prevention 1.0.8
- Features Introduced in Enterprise Data Loss Prevention 1.0.3
- Features Introduced in Enterprise Data Loss Prevention 1.0.1
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.8
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.7
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.6
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.4
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.3
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.2
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.1
- Features Introduced in the Enterprise Data Loss Prevention (DLP) Cloud Service
- Limitations
-
-
What’s New in Panorama Plugin for VMware NSX 3.2.0
The Panorama Plugin for VMware NSX 3.2.0
introduces the following features:
Device Certificate Support for the VM-Series Firewall on
VMware NSX
The firewall requires a device certificate to retrieve
the site license entitlements and securely access cloud services
such as WildFire, AutoFocus, Cortex Data Lake, etc. There are two
methods for applying a site license to your VM-Series firewall—One-Time
Password (OTP) and auto-registration PIN. Each password or PIN is
generated on the Palo Alto Networks Customer Support website and unique
to your Palo Alto Networks support account. For the VM-Series firewall on
NSX-V and NSX-T, you can add the auto-registration PIN to your service definition
configuration so the device certificate is fetched by the firewall
upon initial boot up. Additionally, if you upgrade previously-deployed
firewalls to PAN-OS version that supports device certificates, you
can apply a device certificate to the those firewalls individually
using a one-time password.
You must enable Device Certificates to deploy firewalls successfully
when using one of the following VM-Series firewall for NSX OVFs—
10.0.1
and later, 9.1.5 and later, 9.0.11 and later, or 8.1.17 and later
.
However, you are not required to enter a PIN ID and PIN Value. If
you do not enable Device Certificates, firewall deployment will
fail. You can add an OTP to your firewalls after deployment to have
them fetch a device certificate. See the Panorama Admin Guide for
more information about installing a device certificate on firewalls manage
by Panorama. See the Compatibility Matrix for
supported version information.Security Policy Extension Between NSX-V and NSX-T
If you adding VMware NSX-T to your existing network
that includes NSX-V or moving from NSX-V to NSX-T, you can now use
your existing NSX-V security policy rules in NSX-T. The Panorama
plugin for VMware NSX 3.2.0 allows you to use your existing NSX-V
device groups and templates with your new NSX-T firewalls. When
you create an NSX-T service definition, select an device group and
a template stack used in an NSX-V service definition. After deploying
the firewalls in NSX-T, you will see match criteria retrieved from
NSX-T available for in dynamic address groups used in NSX-V. If
you add NSX-T match criteria to an NSX-V dynamic address group,
any security policy referencing the those dynamic address groups
will also be applied to traffic matching the NSX-T or NSX-V criteria.