What Panorama Mode should I be in?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Palo Alto Networks Approved
Palo Alto Networks Approved
Community Expert Verified
Community Expert Verified

What Panorama Mode should I be in?

L4 Transporter

I have two Panorama Servers, let's call them North01Pano and South01Pano.  I also have two Log Collectors, let's call them North02Pano and South02Pano.  Obviously the two LC's are system-mode: Logger.  What is the preferred mode for the 01's and why?

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

Thank you for posting question @RobertShawver

 

You are left only with 2 options: Panorama Mode and Management Only Mode.

 

In your case, since you have dedicated Log Collectors for log collection, I would go for Management Only Mode. This mode was designed for the deployment scenario with dedicated log collectors and brings below benefits.

 

On Panorama VM, this mode provides a smaller memory footprint, and on a hardware-based M series Panorama appliance it frees up resources required for log collection functions. Because the log related capabilities are not enabled in this mode, the configuration management capability on Panorama is more efficient and results in faster commit times, speedier configuration pushes, and deployment of software and content updates.

 

The only disadvantage with Management Only Mode I can see is the case you have Panorama appliances set up as local log collector and there are some logs on disks. With conversion from Panorama Mode to Management Only Mode, it will cause these logs to be inaccessible. Also if your 01 appliances are for example M-200 with all slots occupied with disks, you will not be able to use them anymore for log collection which is a bit of waste.

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.

View solution in original post

1 REPLY 1

Cyber Elite
Cyber Elite

Thank you for posting question @RobertShawver

 

You are left only with 2 options: Panorama Mode and Management Only Mode.

 

In your case, since you have dedicated Log Collectors for log collection, I would go for Management Only Mode. This mode was designed for the deployment scenario with dedicated log collectors and brings below benefits.

 

On Panorama VM, this mode provides a smaller memory footprint, and on a hardware-based M series Panorama appliance it frees up resources required for log collection functions. Because the log related capabilities are not enabled in this mode, the configuration management capability on Panorama is more efficient and results in faster commit times, speedier configuration pushes, and deployment of software and content updates.

 

The only disadvantage with Management Only Mode I can see is the case you have Panorama appliances set up as local log collector and there are some logs on disks. With conversion from Panorama Mode to Management Only Mode, it will cause these logs to be inaccessible. Also if your 01 appliances are for example M-200 with all slots occupied with disks, you will not be able to use them anymore for log collection which is a bit of waste.

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.
  • 1 accepted solution
  • 1737 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!