Security Policy Automation for Palo Alto Networks Panorama and Firewalls.

What is PAN-OS firewall management and how does Tufin augment it?

PAN-OS powers all of Palo Alto Network’s next generation firewalls across hardware, virtual machines, containers, and cloud services. PAN-OS gives your teams a central management interface with complete visibility and application controls across devices.

Tufin, enables automated firewall configuration and change management across PAN solutions, as well as the other vendor devices across your network, so you can consolidate and centralize the work of security policy management on single console.

With PAN-OS, teams can:

• Configure high availability across PAN-OS functionality and determine your Active/Active use case
• Log administrator actions and set up administrative access to protect your firewall against unauthorized configuration
• Ensure security across all networks, from data centers to the cloud
• Easily search candidate configuration on a firewall or Panorama Management Server for a particular string with Global Find
• Classify traffic with App-ID, which automatically detects and controls even the sneakiest of new applications
• Remain audit ready with automatic log collection
• Simplify authentication and enforce zero trust with protection from phishing attacks
• Use the API keys to authenticate API calls to the XML API and REST API
• Execute arbitrary OS commands and escalate privileges with an OS command injection vulnerability in the PAN-OS web interface
• Create a policy rule base for devices independent of changes or updates to location or IP address
• Configure log forwarding from all Panorama or external services for optimal network activity visibility
• Configure log storage so that expired logs delete automatically
• View graphical traffic depictions in the Application Command Center (ACC) for actionable network intelligence
• Scan, understand, and control network traffic for comprehensive threat prevention
• Perform security functions in one quick scan, making your teams more agile and reducing complexity
• Perform decryption of TLS and SSL encrypted traffic to fend off malware attacks

Palo Alto Networks’ Panorama devices help IT and security teams automate firewall configuration and security management to simplify network management while minimizing the number and duration of threats on your network.

Tufin, enables automated firewall configuration and change management across Panorama devices, as well as the other vendor devices across your network, so you can consolidate and centralize the work of security policy management on single console.

Panorama devices enable teams to:

• Set up and manage firewall by group based on criteria they define
• Maintain consistent firewall rules across your network with URL filtering, threat prevention, access control, and more
• Easily visualize and monitor network activity, threats, and blocked activity from a centralized management dashboard
• Perform routing functions across a variety of ports and protocols
• Create new rule sets quicker with preconfigured templates, or create device groups, role-based access control, and policy tags tailored to the needs of your organization
• Scale easily as your firewall deployments grow
• Easily add new firewalls to your network