Palo Alto Networks Panorama
  • 1 Minute To Read
  • Print
  • Share
  • Dark
    Light

Palo Alto Networks Panorama

  • Print
  • Share
  • Dark
    Light

The Palo Alto Panorama management server provides centralized monitoring and management of multiple next-generation firewalls and appliance clusters.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Panorama Domain (required) - The hostname or IP address of the Palo Alto Panoram server.
  2. User Name and Password (optional, default: empty) - The credentials for a user account that has the Required Permissions to fetch assets.
  3. API Key (optional, default: empty) - An API Key associated with a user account that has the Required Permissions to fetch assets.
NOTE

If User Name and Password are supplied, this field will be ignored.

  1. Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Panorama Domain. For more details, see SSL Trust & CA Settings.
    • If enabled, the SSL certificate offered by the value supplied in Panorama Domain will be verified against the CA database inside of Axonius. If the SSL certificate can not be validated against the CA database inside of Axonius, the connection will fail with an error.
    • If disabled, the SSL certificate offered by the value supplied in Panorama Domain will not be verified against the CA database inside of Axonius.
  2. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

image.png

Advanced Settings

  1. Fetch ARP data (required, default: True) - Select whether to fetch ARP data from the Palo Alto Panorama server.
    • If enabled, all connections for this adapter will fetch ARP data from Palo Alto Panorama.
    • If disabled, all connections for this adapter will not fetch ARP data from Palo Alto Panorama.

Required Permissions

NOTE
As a best practice, ensure that you create a separate, dedicated account for API access to Palo Alto Panorama.
  • If you have supplied a User Name - the value supplied must have permissions to fetch assets for an Admin account with the 'Operational Requests' role (fully enabled, NOT read only) under the "XML/REST API" section.
    Instructions for associating this role with an Admin account can be found here.

  • If you have supplied an API Key - You can obtain an API key by following the instructions here as an alternative to using a username/password as described above (once the API has been enabled as described here).

Was This Article Helpful?