Panorama is a centralized management system that provides global visibility and control over multiple Palo Alto Networks next generation firewalls through an easy to use web-based interface. Panorama enables administrators to view aggregate or device-specific application, user, and content data and manage multiple Palo Alto Networks firewalls—all from a central location.
Globally managing multiple Palo Alto Networks next generation firewalls with Panorama or controlling a single device via the on-box capabilities is accomplished through a common web-based interface, eliminating the need to install a desktop client, while minimizing the learning curve for both interfaces. The result is that administrators can move from one management interface to another painlessly, allowing them to immediately take advantage of the provided multi-device capabilities.
| Panorama Centralized Management | Device Web Interface | |
| Multi-device management | Yes | No |
| Global view of all devices | Yes | No |
| Global logging/reporting | Yes | No |
| Application Command Center | Yes | Yes |
| App-Scope | Yes | Yes |
| Policy Editor | Yes | Yes |
| Web-based interface | Yes | Yes |
| Shared policies | Yes | No |
| Role-based administration | Yes | Yes |
| Requires management client | No | No |
Key Panorama features include:
- Application Command Center (ACC): Provides a visual summary of application, web, threat and data transfer activity displayed in a straightforward, easy to understand manner. Administrators can quickly learn more about the network activity by adding and removing filters in ACC with a click of the mouse.
- App-Scope: Provides a comparative view of application activity (present vs. a past timeframe) across either multiple devices or a single device to help administrators pinpoint problematic network behavior.
- Policy-based application usage control: Using a policy editor with a familiar look and feel, administrators can develop, deploy and manage application usage control polices using a wide range of criteria such as: user and group, application, application category, application behavior or underlying technology.
- Shared policies: Deploy a set of global policies across a set of distributed firewalls. Local device administrators will be able to see these rules, but only a Panorama administrator can modify or remove them.
- Centralized Update Management: Customers can use Panorama to manage licenses and perform device or content updates (viruses patterns, threat signatures, App-ID).
- Application browser: Allows administrators to quickly research an application, its behavioral characteristics and underlying technology and then immediately translate the results into a security policy.
- Logging: Detailed logs are collected locally, leveraging device storage and eliminating the requirement for centralized logging. Logs can be dynamically filtered on individual fields as well as through regular expressions.
- Reporting: More than 30 predefined reports can be used as is or modified and saved for future use. Reports can be exported to PDF and scheduled for email delivery.
