02-15-2017 12:00 AM
Hi, Could someone help me with info on implementing configuration and change management for PA firewall's deployed in a large organization .
02-21-2017 06:16 AM
Do you already have a change management software system deployed or are you looking for options that include Palo Alto devices?
Or are you just looking to setup the processes and procedures without a specific software to manage and control them?
08-17-2021 09:42 AM
Reviving this post.
We are also looking for ways to improve our change management procedures to satisfy compliance requirements.
Currently, we are using Panorama to manage our firewalls and use the "Commit Comment" section to include Jira ticket numbers where we can reference the config changes and approvers. We also use the "Audit Commit" but that only applies to policy changes.
Unfortunately, this has many limitations:
1. It's easy to forget to add the ticket number
2. There is no explicit way for another team member to approve the change in Panorama/FW.
3. There are times when commits are generated without the comment addition (i.e. upgrades)
Are there any ideas to overcome these challenges?
We'd love to use git, but that would require a heavy lift to create a CI/CD pipeline, and potentially change how we use Panorama. We are happy with Panorama, but just wish there were better features to incorporate change management.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!