Panorama Sizing and Design

Community Team Member

Read about Panorama Sizing and Design in Palo Alto Networks LIVEcommunity. Learn more about device management and log collection/reporting. There are also some tips on choosing the correct Panorama deployment. Get your questions about Panorama answered on LiIVEcommunity.

 

Panorama Banner

 

The Panorama solution includes two overall functions: Device Management and Log Collection/Reporting.

 

Device Management includes activities such as configuration management and deployment, deployment of PAN-OS and content updates.

 

Log Collection includes collecting logs from one or multiple firewalls, either to a single Panorama or to a distributed log collection infrastructure. In addition to collecting logs from deployed firewalls, reports can be generated based on that log data, whether it resides locally on the Panorama, or on a distributed logging infrastructure.

 

The Panorama solution allows for flexibility in design by assigning these functions to different physical pieces of the management infrastructure:

 

 

 

View of Panorama DesignFlexible Panorama Design

 

While most current Panorama platforms have an upper limit of 1000 devices for management purposes (5000 firewalls using M-600 appliances or similarly resourced Panorama virtual appliances since PAN-OS 9.0), it is important for Panorama sizing to understand what the incoming log rate will be from all managed devices.

 

Read the following article on how to determine the log rate:
How to Determine Log Rate on VM Panorama or M-100 with a Log-Collector

 

There are three main factors when determining the amount of total storage required and how to allocate that storage via Distributed Log Collectors. These factors are:

  • Log Ingestion Requirements: The total number of logs that will be sent per second to the Panorama infrastructure.
  • Log Storage Requirements: The timeframe for which the customer needs to retain logs on the management platform. There are different driving factors for this including both policy based and regulatory compliance motivators.
  • Device Location: The physical location of the firewalls can drive the decision to place DLC appliances at remote locations based on WAN bandwidth etc.

 

These factors are discussed in more detail in this article :

Panorama Sizing and Design Guide

 

When choosing a platform for a Panorama deployment, consider the following factors.

 

  • Number of concurrent administrators need to be supported
  • Does the Customer have VMWare virtualization infrastructure that the security team has access to?
  • Does the customer require dual power supplies?
  • What is the estimated configuration size?
  • Will the device handle log collection as well?

Other considerations for Log Collector group design, High Availability and Log Redundancy are also discussed in much more detail in the Panorama Sizing and Design Guide.

 

Some insightful use case examples might be just what you need from this article as well :

 

 

Panorama Use Case DeploymentPanorama Deployment Use Case

 

Useful links :

 

-Kiwi out!

 
2,415 Views
Ask Questions Get Answers Join the Live Community
Labels