Device Onboarding Rules
Focus
Focus
What's New in the NetSec Platform

Device Onboarding Rules

Table of Contents

Device Onboarding Rules

Onboarding rules enable you to add a firewall to a folder and apply predefined configurations when a Palo Alto Networks Next-Generation Firewall (NGFW) first connects to Strata Cloud Manager.
Automate NGFW onboarding to Strata Cloud Manager with a device onboarding rule, whether you're manually onboarding NGFW or onboarding using Zero Touch Provisioning (ZTP). You can associate the NGFW with a folder and apply predefined configuration when the NGFW first connects to Strata Cloud Manager. Strata Cloud Manager supports multiple device onboarding rules to define different match criteria that apply to different NGFW. Device onboarding rules are designed to simplify and greatly reduce the time spent onboarding new NGFW at scale and ensure the correct configuration is applied to newly onboarded NGFW.
Define which NGFW a rule applies to by using Match Criteria. This includes information such as the firewall Model and any Labels applied to the firewall during the onboarding process. You can define the rule Action to specify a Target Folder one or more NGFW are added to and the Snippet Association define any firewall-specific snippet configurations that need to be applied. Additionally, if you use SD-WAN or Cloud Identity Engine (CIE) you can also define and apply those necessary configurations in the device onboarding rule to ensure all required connectivity and user-based visibility and policy rule enforcement immediately after onboarding.