vRealize Network Insight displays Palo Alto physical devices in VM-VM path, if the device is available in path.

When you click the device icon in the VM-VM path, you see basic information such as interfaces, routes, and applicable Palo Alto firewall rules. vRealize Network Insight also supports Palo Alto integration with NSX-V through service insertion. In VM-VM path, if Palo Alto service VM available on host, then you see the applicable Palo Alto firewall rules on the host.

You can create and register multiple service definitions in Panorama with a given NSX manager. When different ESXi clusters have workloads that require the VM Series firewall to handle traffic differently, then multiple service definitions are created. Each service definition has an associated device group from which the policies are picked.