Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Adding Locally Managed Firewalls to Panorama Management

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Community Team Member

General Graphics.jpg

 

When migrating locally managed firewalls, plan the transition to Panorama Management. Determine which firewalls are going to be managed by Panorama and start to plan the device group hierarchy, templates, and template stacks for the environment. It is important to keep in mind which firewalls will share common policies when designing the structure. 

 

Add the firewall to the Panorama managed devices list (Panorama -> Managed Devices). Enter the serial number of the firewall or firewalls you wish to add and click OK. Commit to Panorama. Now that you’ve added the firewall to Panorama, you must specify the Panorama server on the firewall to get the two connected. Enter the IP addresses of the Panorama management server (Device -> Setup -> Panorama Settings)

 

Verify the connection between Panorama and the firewall is established by checking the Managed Devices (Panorama -> Managed Devices -> Summary). When the firewall is showing as connected, import the existing firewall configuration into Panorama (Panorama -> Setup -> Operations -> Click Import device configuration to Panorama and select firewall). Assign or create the template and device group name you would like for the firewall.

 

Once imported and the config is verified to be migrated, push the device config bundle from Panorama to the firewall (Panorama -> Setup -> Operations -> Export or push device config bundle). This will remove all policies and objects from the local configuration.

 

Complete the migration from local to Panorama management by committing and pushing to the firewall (Commit -> Commit and Push -> Device Groups -> Select Merge with Device Candidate Config, include Device and Network Templates, and Force Template Values). Verify with the Panorama managed devices summary tab that the desired device group and template name is associated with the firewall.

 

Now you can manage the firewall from the Template and Device Group sections within Panorama!

 

For more information, make sure to check out the following:

Device Group Hierarchy

Templates and Template Stacks

Manage Firewalls

 

Thanks for taking time to read this blog.

Don't forget to hit that Like (thumbs up) button and don't forget to subscribe to the LIVEcommunity Blog.

 

Stay Secure,
JayGolf

  • 4855 Views
  • 0 comments
  • 2 Likes
Register or Sign-in
Labels