You can add Palo Alto Networks Panorama as a data source in vRealize Network Insight.
Prerequisites
You must ensure that:
- The data source and its version is supported in vRealize Network Insight. For more information, see Supported Products and Versions.
- The data source follows VMware Ports and Protocols supported in vRealize Network Insight. For more information, see VMware Ports and Protocols.
- You have admin role with XML API access. For more details, see Palo Alto Firewall.
In the
Panorama UI, perform the following steps to add an admin role for XML API.
- Select .
- Click Add to add a new admin role.
- In the The Admin Role Profile window, enter the name to the role and select Panorama.
- Click the Web UI tab and deactivate all entries.
- Click the XML API tab and deactivate all entries, except Configuration and Operational Requests.
- Click OK to close the window.
The new admin role appears in the list.
- Click Commit.
- Assign this role to an administrator account or create a new user and assign this role to the new user.
Note:
vRealize Network Insight does not currently fetch local Palo Alto Network policies that are directly defined in the devices.
Note:
vRealize Network Insight does not support the Palo Alto Panorama integration with multiple NSX managers.
Procedure
- From the left navigation pane, go to .
- Click Add Source.
- Under Firewalls, click Palo Alto Networks Panorama.
- In the Add a New Palo Alto Networks Panorama Account or Source page, provide the required information.
Option Action Collector VM Select a collector VM from the drop-down menu. IP Address/FQDN Enter the IP address or the FQDN details. Username Enter the user name. Password Enter the password. - Click Validate.
- Define the polling interval for the configuration data collection. You can set the polling interval from 10 minutes to 7 days.
- Preset - Select the interval time from the predefined time set.
- Custom Interval - Set a value and select Minutes, Hours, and Days.
- Fixed Schedule - Select the days and set the time to schedule the interval.
- (Optional) In the Nickname text box, enter a nickname.
- (Optional) In the Notes text box, add a note if necessary.
- Click Submit.