Purpose and functions of VM Information Sources?

Reply
Highlighted
L4 Transporter

Purpose and functions of VM Information Sources?

I trying to understand what gain we have from having our vCenter server monitored by our PA 3020 firewall?

I reading about it here, but not understanding it.

https://www.paloaltonetworks.com/documentation/71/pan-os/web-interface-help/device/device-vm-informa...

 

We are recently upgraded to vSphere 6.5 and a new vCenter server that I need to replace this current palladium entry with.

We are using standard vSphere switching and not using NSX at all.

PAvCenter1.jpg

 

 

Community Manager

Re: Purpose and functions of VM Information Sources?

Hi @OMatlock

 

This works in tandem with dynamic objects: if you have a datacenter where servers are spawned based on load (for example) and during a busy day several new servers need to be booted on the spot, the VM information sources can feed the IP information into the firewall and add the IPs to dynamic objects so the servers are automatically added to existing firewall policies

 

if you have several different types of VMs that may need to be spun up they can each be member of individual dynamic groups and their access through security policy will be tied to their membership to the dynamic group (eg dmz servers may gain access to update servers, databases and DNS, while internal servers will automatically be reachable by your users and can fetch information off of the DMZ and so on

 

This way you don't need to add full subnets to your policies but can rely on the information sources to feed you unique IPs ties to a 'tag'


Help the community: Like helpful comments and mark solutions
Reaper out
L4 Transporter

Re: Purpose and functions of VM Information Sources?

Wow!  Thank you for that reaper.

Maybe these guys had plans to do stuff like this down the road, but not doing anything like that right now.

 

I might just remove it for now, especially since it is an old vCenter that is not in use anymore.

 

Thank you!

L7 Applicator

Re: Purpose and functions of VM Information Sources?

@OMatlock,

If you guys had an SE or an outside vendor setup your firewall for you during the initial install it's quite possible they added this to show off the feature. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!