Ansible - Automating NGFW Configuration

About Ansible Automation

Ansible is a very powerful open source automation language, it uses modules to communicate with vendor specific devices. What makes Ansible unique from other management tools is that it is also a deployment and orchestration tool. In many respects, Ansible helps provide large productivity gains to a wide variety of automation challenges. The Palo Alto Networks Ansible integration project utilizes Ansible to help organizations automate configuration and management of the Palo Alto Networks Platform. The Live Community provides a central place to learn how to utilize this technology, get help from others using it, and more.

Ansible Updates & Tips

Ansible Version 2.2 Released

post time: a week ago

Ansible version 2.2 is released, including support for configuring log forwarding profiles, subinterfaces, and more.

Webinar - Automate Cloud Security with Ansible

post time: 03-16-2018

Webinar Apr 25th at 2:00 pm EDT


Palo Alto Networks has developed an Ansible module to enable these organizations to integrate security into their CI/CD pipeline. See it in action and learn how Ansible and Palo Alto Networks help enforce a consistent next-generation security posture across your organization.

View the recording:

Using Ansible For Firewall SEC Policy Change Management Process

post time: 07-24-2017

Manage security policy changes using the power of the Palo Alto Networks custom Ansible modules and Ansible ‘pull’ feature.



Using Ansible to Automate & Accelerate AWS Deployments

post time: 07-24-2017

This video shows how to use Ansible to automate and accelerate AWS deployments.


Ansible and Palo Alto Networks Firewall

post time: 04-03-2017

The combination of Ansible and Palo Alto Networks modules address the most common applications of automation and orchestration of the Palo Alto Networks VM-Series NGFW (Next Generation Firewall) for both public and private cloud deployments.



Have questions about how to utilize Ansible to automate your Palo Alto Networks deployments? Join the Live Community to post your questions and get answers.
Author Topic Views Replies
posted: Monday updated: yesterday

Ansible Module ver 2.2 does not support sec rule update operation deprecated

Newly Ansible Module ver 2.2 does not support sec rule update. operation keyword is deprecated and state key  only has absent or present values.&...

156 5
posted: Thursday updated: Friday

Obtaining Policy Descriptions Through the API

Thanks for taking the time to read my message. I'm an intern tasked with writing a program that returns all device descriptions from a set of policies...

259 4
posted: 2 weeks ago updated: 2 weeks ago

License Firewall ESXi VM before bootstrapping

We are trying to do automated deployment of multiple VM firewalls, managed by Panorama and using bootstrapping for the initial setup. All appliances w...

120 0
posted: 2 weeks ago updated: 2 weeks ago

XML API Template stack and Device group push to HA pair

Has anyone had experience using Panorama XML API to push config to an HA pair of firewalls (Template/stack or DG)?  For examplehttps://panor...

145 0
posted: 4 weeks ago updated: 4 weeks ago

ClearBrowserCache Method - any way to set a longer timeout?

I'm having an issue with my VM's randomly, wondering if anyone knows if its possible to somehow get more than 5 seconds to allow the browser to clear ...

104 0

Related Topics

Palo Alto Networks Delivers

Ansible Community Ansible Community

Automation for Everyone. Ansible is designed around the way people work and the way people work together. Learn more

Ansible Documentation Palo Alto Networks Ansible doc's Ansible Docs on GitHub

Read the latest reference documentation for the Palo Alto Networks Ansible project on Github. Learn more