Strata Cloud Manager
Configuration: Overview
Table of Contents
Expand All
|
Collapse All
Strata Cloud Manager Docs
Configuration: Overview
Learn about the management options available to you in Strata Cloud
Manager.
Where Can I Use This? | What Do I Need? |
---|---|
|
Each of these licenses include access to Strata Cloud Manager:
→ The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are
using.
|
Think of the Overview page as your launching point in to NGFW and Prisma Access both for
first time setup, and for day-to-day configuration management (ConfigurationNGFW and Prisma AccessOverview).
Configuration Scope
With Strata Cloud Manager, you can apply configuration settings and
enforce policy globally across your environment, or target them to specific parts of
your organization. When working in your Strata Cloud Manager configuration
management, the current Configuration Scope is always visible
to you, and you can toggle your view to manage a broader or more granular
configuration.

Learn more about:
- Folder ManagementUse folders to logically group your devices and deployment types for simplified configuration management.
- SnippetsUse snippets to group configurations that you can quickly push to your firewalls or deployments.
- VariablesUse variables your configurations to accommodate device or deployment-specific configuration objects.
Global Find Using Config Search
Config Search enables you to search configuration objects
and settings for a particular string, such as IP addresses, object name, referenced
objects, duplicate objects, policy names, policy rules, policies covered for
specific CVEs, rule UUID, predefined snippets, or application name and get the list
of all references where the object is used.
- To launch Config Search, click the
- In the Config Search screen, you can search by using
the Config String, Location,
Object Type, Edited By, or
Edited At fields. Search tips:
- To find an exact phrase, enclose the phrase in quotes.
- Spaces in search terms are handled as AND operations. For example, if you search on corp policy, the search results include instances where corp and policy exist in the configuration.
- To rerun a previous search, click the Config Search icon, which displays the last 50 searches. Click any item in the list to rerun that search. The search history list is unique to each administrator account.
- Config Search is available for each field that’s searchable. For example, you can search on the following object types for a Security policy: Tags, Zone, Address, User, HIP Profile, Application, UUID, and Service.
- Location is grouped by folders and snippets. You can select more than one location to search. If you do not select any location, All locations will be selected by default.
- If the object type is not selected, All will be selected.
- The search results are categorized and provide links to the configuration
location in the Strata Cloud Manager, allowing you to easily find all
occurrences and references of the searched string.
Global
Where Can I Use This? | What Do I Need? |
---|---|
|
|
If you select the Global configuration scope, you can view the
following details:
- Global folders you create and their variables
- Firewalls with config conflicts
- Firewall sync status
- Firewall connectivity status
- General information
- Configuration snippets
- License
- Optimize
- Trusted tenants for snippet sharing
- Config version snapshots
Configuration Overview (Prisma Access)
Where Can I Use This? | What Do I Need? |
---|---|
|
|
If you’re just getting started with Prisma Access:
- The Basics checklist shows you on how to get up and running with Prisma Access; complete the tasks and walkthroughs here to get started with a basic setup; then, test your environment and build out your deployment.
For details on your Prisma Access environment:
- Review License details to see what’s included with your Prisma Access subscription.
- The About panel displays the software and tenant information for your Prisma Access environment.
For day-to-day configuration management:
- Get at-a-glance configuration status
- Standardize a common base configuration for a set of Prisma Access deployments using the configuration snippets
- Find configuration snapshots—compare configuration versions and restore (or load) an earlier version to recover from a configuration push with unintended impact to traffic flow or security
- Optimize your configuration by cleaning up unused objects and rules, and tightening rules that are introducing security gaps by allowing applications you’re not using
- Pinpoint areas where you can make configuration changes that would strengthen your security posture
- You can also find details about your Prisma Access license and what it includes
After completing basic setup, you can start testing your
environment and building out your deployment.
Configuration Overview (Strata Cloud Manager)
Where Can I Use This? | What Do I Need? |
---|---|
|
|
If you’re just getting started with Cloud Management of NGFW:
For day-to-day configuration management:
- Get at-a-glance summary of the current folder name, number of firewalls added to the folder, number of variables created for the folder.
- Gain visibility and control over local firewall configurations without
the need for switching between the central management and individual firewalls
for managing local configurations.
- Firewalls with config conflicts shows the number of firewalls with conflicts. View Conflicts to see conflicts for all firewalls and their respective locations. Click the individual firewall to further investigate device-level conflicts.
- Objects with config conflicts shows the number of conflicts per firewall. Click the number to view the conflicted objects and their corresponding types specific to that firewall. Click the object to get the granular details on the conflict.
- Connectivity StatusReview the Connectivity Status of managed firewalls to Strata Cloud Manager.
- Sync StatusReview the configuration Sync Status between Strata Cloud Manager and the current running configuration on your managed firewalls.
- Configuration SnippetsStandardize a common base configuration for a set of managed firewalls using configuration snippets.
- HA DevicesConfigure managed firewalls in a high availability (HA) configuration to provide redundancy and ensure business continuity.
- For details on your managed firewalls:
- Review Content Distribution and Software Versions details to see which dynamic content updates and PAN-OS software versions are running on your managed firewalls.
- Review License details to see which licenses are activate on your managed firewalls.