NextGig Systems, Inc. - Network Connectivity & Test Solutions

Palo Alto Networks' Next-Generation Firewalls - Device Management

Device Management Flexibility

As a means of leveraging the depth of existing firewall knowledge and accelerating the implementation process, the management interface has been purposefully designed with a familiar look and feel. Using Panorama, the device web interface, or a full Command Line Interface (CLI), experienced firewall administrators can quickly become comfortable managing Palo Alto Networks next-generation firewalls.

Questions? Call  1-805-277-2400

Intuitive and efficient policy creation workflow.

The familiar look and feel of the policy editor enables administrators to efficiently create and manage policies that combine firewall policies with IPS, antivirus, anti-spyware and data filtering profiles. Creating policies in a unified manner is quickly accomplished using a policy browser that prompts an administrator for the key data element required to create a new policy. Existing policies can be edited in the same manner, or they can be modified in a column-by-column manner, using drag-and-drop for commonly used objects (users, applications, services, IP addresses). Rule tagging and searching, column hiding, re-sizing/re-order are just a few of the other features that help streamline the policy workflow.


Centralized visibility and management for a network of
Palo Alto Networks firewalls.

Panorama provides centralized management of multiple Palo Alto Networks next-generation firewalls, enabling administrators to view applications, who is using them, any associated threats and respond by deploying global, single device, or combined policies. With a user interface that is the same as the individual device, any learning curve when moving from one to another is virtually eliminated. Object-level sharing and global rules help to streamline administrative tasks and minimize repetitive data entry errors. Logs can be consolidated and filtered to gain an aggregate view of network activity while reports can be generated for an individual or multiple firewalls.

Fine-grained control over administrative access.

For those environments where different staff members require varied levels of access to the management interface, role-based administration allows any of the device features to be fully enabled, read-only, or disabled (hidden from view). Supported in both the individual device UI and Panorama, role-based administration allows specific individuals to be given appropriate access to the tasks that are pertinent to their job. Examples:

Operations staff can have access to the device and networking configuration.

Security administrators are given control over security policy definition, the log viewer and reporting.

Key individuals are given full CLI access while for others, the CLI may be disabled.

All administrative activities are logged, showing the time of occurrence, the administrator, the management interface used (web UI, CLI, Panorama), the command or action taken along with the result.

Traffic analysis and reporting across a network of devices.

Administrators can gain valuable insight into applications, users and content activity across an entire network of Palo Alto Networks next-generation firewalls using ACC, App-Scope, the log viewer and customizable reporting. Seamlessly moving from a global view to an individual device view is as easy as a click of a mouse.

Industry standard management tools and APIs.

A rich set of industry standard management interfaces (syslog and SNMPv2/3) combined with APIs allows organizations to leverage existing third party solutions for policy management, log analysis and reporting.

For more information, pricing, demonstration or evaluation on Palo Alto Networks Products please contact us here.