Panorama Managed AI Runtime Security Onboarding Prerequisites

Panorama Managed AI Runtime Security Onboarding Prerequisites

1. Deploy Panorama in standalone or High Availability (HA) mode.

   • Copy and save the active/passive Panorama IP address by navigating to Panorama web (Interface→ PANORAMA→ High availability).
2. Generate the VM Auth Key on Panorama.
3. Optional For Panorama managed firewalls deployed on public clouds:

   • Add the public IP address of the firewall under Panorama > Setup > Interfaces > Management.
   • Select the Network Connectivity Services to allow on the interface (such as SSH access).
   • Click OK to save your changes to the interface.
   • Select Commit > Commit to Panorama and Commit your changes.
4. Panorama CloudConnector Plugin 2.1.0 (if not already installed).
5. Enterprise DLP Plugin on Panorama 5.0.5 or above.
6. Select the Telemetry region as Americas.

   While enabling telemetry is optional for this feature, it's recommended to set the Telemetry region to Americas if you have not already configured it.
7. Optional Onboard Panorama to Strata Logging Service.

   This is an optional step if you want the AI Runtime Security: Network intercept to forward the logs to Strata Logging Service and Panorama to retrieve the logs from Strata Logging Service. Refer Onboarding the firewalls to Strata Logging Service for details.
8. Enable automatic configuration push to managed firewalls on the template stack on Panorama before onboarding AI Runtime Security: Network intercept.

   Panorama will push the AI profiles to the AI cloud service.
9. Select Commit > Commit to Panorama and Commit your changes.

   What’s Next

   Follow the onboarding workflow for your cloud provider to enable the discovery of your cloud assets.