Management Features
Focus
Focus

Management Features

Table of Contents

Management Features

What new management features are in PAN-OS 10.2?
New Management Feature
Description
PAN-OS Software Patch Deployment
PAN-OS 10.2.8 and later releases
Download and install PAN-OS software patches to apply fixes to bug or Common Vulnerability Exposure (CVE) without the need to schedule a prolonged maintenance window to install a new PAN-OS version from the Next-Generation Firewall or Panorama™ management server web interface. This allows you to strength your security posture immediately without introducing new known issues or changed to default behaviors that may come with installing a new PAN-OS version.
Policy Rulebase Management Using the Tag Browser
PAN-OS 10.2.5 and later releases
Tags allows you the ability to visually group your policy rulebase. PAN-OS 10.2.5 introduces the Tag Browser which allows you to manage your policy rulebase using the applied tags, and thereby simplifies policy rulebase management.
AIOps for NGFW
Streamline your firewall operations with AIOps for NGFW, a new product offered on the hub. AIOps for NGFW leverages PAN-OS device telemetry and best practice assessments to give you up-to-date information about device health and security posture. This information includes alerts, interactive dashboards, remediation recommendations, and more.
Selective Commit of Configuration Changes
PAN-OS 10.2 allows firewall and Panorama administrators to review and select specific configuration objects to commit, including configuration changes made by other administrators. Leveraging selective commit allows you to maintain your defined operational procedure while still being able to successfully make independent configuration changes not defined in your operational scope.
Simplified Software Upgrade
Firewalls and Panorama management servers now validate software upgrades before you install them. This allows more steps to be completed prior to the software installation, which speeds up software upgrades and increases confidence in the upgrade process. For example, prior to downloading the target release, the appliance displays any required software, including intermediate software versions and content dependencies, which you can download along with the target release in one step. You can also use an SCP server as a download source and view a history of software upgrades.
Strata Cloud Manager Command Center
The Strata Cloud Manager Command Center is your new NetSec homepage; it is your first stop to assess the health, security, and efficiency of your network. In a single view, the command center shows you all users and IoT devices accessing the internet, SaaS applications, and private apps, and how Prisma Access, your NGFWs, and your security services are protecting them.
The command center provides you with four different views, each with its own tracked data, metrics, and actionable insights to examine and interact with:
  • Summary: A high-level look at all your network and security infrastructure. Monitor the traffic between your sources (users, IoT) and applications (private, SaaS), and see metrics onboarded security subscriptions.
  • Threats: Dig deeper into anomalies on your network and block threats that are impacting your users. Review the traffic inspected on your network and see how threats are being detected and blocked around the clock by your Cloud-Delivered Security subscriptions.
  • Operational Health: Review incidents of degraded user experience on your network and see root-cause analysis of the issues and remediation recommendations.
  • Data Security: Find high-risk sensitive data and update data profiles to further secure your network. Review the sensitive data flow across your network and SaaS applications.
When the command center surfaces an issue through one of these views that you should address or investigate (an anomaly, a security gap, a degraded user experience, something that impacts the security and health of your network), it provides a path to where you can take actions to further secure your network.
View Preferred and Base Releases of PAN-OS Software
PAN-OS 10.2.10 and later 10.2 releases
The Panorama web interface now displays the preferred releases and the corresponding base releases of PAN-OS software. Before you upgrade or downgrade Panorama or PAN-OS, you can view the list of preferred and base releases and choose your preferred target PAN-OS release. Preferred releases offer the latest and the most advanced features and ensure stability and performance. When there are no preferred releases available, the corresponding base version is not displayed. If necessary, you can choose to view either preferred releases or base releases.