Professional Documents
Culture Documents
Panorama: Key Security Features
Panorama: Key Security Features
Security deployments are complex and can overload IT teams with complex
security rules and mountains of data from multiple sources. Panorama™ network
security management empowers you with easy-to-implement, consolidated
policy creation and centralized management features. Set up and control firewalls
centrally with industry-leading functionality and an efficient rule base, and gain
insight into network-wide traffic and threats.
PA
N
O
RA
M
MANAGEMENT
A
PANORAMA
• Deploy corporate policies centrally to • Simplified Powerful Policy
Headquarters • Enterprise Class Management
be used in conjunction with regional or • Unmatched Visibility
Data Center
functional policies for maximum flexibility
• Delegate appropriate levels of administra-
tive control at the regional level or globally
with role-based management
• Group devices into logical, hierarchical
device groups for greater management
flexibility
• Utilize template stacks for easy device and
network configuration
• Easily import existing device configurations Remote Offices
into Panorama Branch Offices
Regional Offices
VISIBILITY AND SECURITY
Figure 1: Panorama deployment
• Automatically correlate indicators
of threats for improved visibility and
confirmation of compromised hosts across Simplified Powerful Policy – Panorama network security management
your network provides static rules in an ever-changing network and threat landscape.
• Centrally analyze, investigate and report Manage your network security with a single security rule base for firewall,
network traffic, security incidents and threat prevention, URL filtering, application awareness, user identification,
administrative modifications sandboxing, file blocking and data filtering. This crucial simplification,
along with dynamic security updates, reduces workload on administrators
• View a highly customizable graphical while improving your overall security posture.
summary of applications, users, content
and security threats Enterprise Class Management – Panorama keeps the enterprise user in
mind. Control your internet and data center edge and your private and
• Generate actionable, customizable reports public cloud deployments, all from one single console. Panorama can
to view application and threat traffic, be deployed via virtual appliances, our purpose-built appliances, or a
SaaS usage, and user behavior across your combination of the two. Use appliances as Panorama management units,
configuration or as log collectors in hierarchical deployment options. As your network
grows, you just need to add the log collectors – we take care of the rest.
DG Business Unit X
Figure 1: ACC
DG Headquarters DC West DC East
Finance Guest Web PCI Exch. PCI Exch.
each tab includes pertinent widgets for better visualization of East Template West Template
traffic patterns on your network. Custom tabs can be created,
Global Template
which include widgets that enable you to drill down into the
information that is most important to the administrator. ACC
provides a comprehensive, fully customizable view of not only Figure 3: Template Stacking
current but also historical data.
Additional data on URL categories and threats provides a Traffic Monitoring: Analysis, Reporting and Forensics
complete and well-rounded picture of network activity. The Panorama pulls in logs from firewalls, both physical as well as
visibility from ACC enables you to make informed policy virtual, and from Traps™ advanced endpoint protection and
decisions and respond quickly to potential security threats. stores them in its own log storage. As you perform log queries
and generate reports, Panorama dynamically pulls the relevant
Reduced Response Times: Automated Correlation Engine logs from its log storage and presents the result to the user.
The automated correlation engine built into the next- • Log viewer: For an individual device, all devices or Traps,
generation firewall surfaces critical threats that may be you can quickly view log activities using dynamic log filter-
hidden in your network. It includes correlation objects ing by clicking on a cell value and/or using the expression
that are defined by the Palo Alto Networks threat research builder to define the sort criteria. Results can be saved for
team. These objects identify suspicious traffic patterns or future queries or exported for further analysis.
a sequence of events that indicates a malicious outcome.
Some correlation objects can identify dynamic patterns that • Custom reporting: Predefined reports can be used as is,
have been observed from malware samples in WildFire™ customized, or grouped together as one report in order to
cloud-based threat analysis service. suit specific requirements.
4401 Great America Parkway © 2017 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark
Santa Clara, CA 95054 of Palo Alto Networks. A list of our trademarks can be found at http://www.
Main: +1.408.753.4000 paloaltonetworks.com/company/trademarks.html. All other marks mentioned
Sales: +1.866.320.4788 herein may be trademarks of their respective companies.
Support: +1.866.898.9087 panorama-ds-050817
www.paloaltonetworks.com