VM-Series Device Management
Focus
Focus
What's New in the NetSec Platform

VM-Series Device Management

Table of Contents

VM-Series Device Management

Bootstrap process to automate VM-Series firewall deployments.
This release adds support for a bootstrapping process that allows you to configure newly deployed firewalls without manually configuring them prior to deployment. Previously, a firewall image was created for your cloud environments that required you to manually include information such as DNS entries and IP addresses in the init.cfg file.
This new process associates the firewall with a Panorama management host to automate the onboarding and configuration of your software firewall. With this functionality, the bootstrapping process:
  • Automatically instantiates, onboards, and configures the firewall instance without prior knowledge of the firewall serial number.
  • Automatically onboards the Strata Cloud Manager tenant, from which the tenant receives the initial configuration and becomes fully operational without manual intervention.
Create the bootstrap package with the following fields:
  • panorama-server. Use this field to specify cloud management for your Panorama host. This field initiates a TLS connection to the Strata Cloud Manager service edge. For example, panorama-server=cloud. Values other than cloud are interpreted as a Panorama Internet Protocol or FQDN, and will initiate a Panorama management connection. A value defined for panorama-server-2 is ignored when panorama-server=cloud.
  • dgname. This field is used to define the Cloud Management folder in which the firewall is mapped.
  • vm-series-auto-registration-pin-id. Include the VM-Series registration PIN ID. This automates the process of instantiating the firewall instance by establishing the connection to the Strata Cloud Manager service edge.
  • vm-series-auto-registration-pin-value. Include the VM-Series registration PIN VALUE to automate the process of instantiating the firewall instance by establishing the connection to the Strata Cloud Manager service edge.
    The PIN ID and PIN VALUE fields are use to request a Thermite certificate. This certificate is used to authenticate the device and build a secure connection to the cloud service, such as Strata Cloud Manager.