08-17-2017 06:31 AM - edited 08-17-2017 09:16 AM
I hope someone already did something like that to answer my question 😛
We have a virtual Panorama on PAN-OS 8 with a local log collector. On this panorama we manage differdnt firewalls and also store the logs of these firewalls. This panorama is in a secure zone where we ONLY allow acces for firewall administrators.
So far so good. Now we have a customer who got a visit from PaloAlto itself, where he was shown PaloAlto products - including Panorama. Result of this visit was, the customer now asks me if he could have access to Panorama to view specially the ACC tab of the logs of ONE firewallcluster. And unfortunately not only current data. We are storing these logs for 180 days. So he'd likes to have access to this data, for reporting reasons.
Our own policy now doed not allow to give the customer this access.
But my idea now was the following: we build a second panorama only for this one firewall of this customer. This second panorama will not be used for managing this firewall because on the first panorama we forward some specific logs to the second panorama, where the customer can have access to view these logs.
Is this even possible with PAN-OS 8 and the local log collectors?
Any input or better ideas is appreciated 😉
08-17-2017 08:24 AM
If firewall is at client site why don't you just allow direct login into firewall with read only access to spcecific tabs?
08-17-2017 09:13 AM
Thanks for your reply. Yes, this would actually be a pretty simple solution. But theres two little problems (besides the one that there are important information missing in my initial post)
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!