Monitor Changes in the Virtual Environment
Focus
Focus
Network Security

Monitor Changes in the Virtual Environment

Table of Contents

Monitor Changes in the Virtual Environment

Where Can I Use This?What Do I Need?
  • NGFW (PAN-OS & Panorama Managed)
  • Prisma Access (Managed by Panorama)
Check for any license or role requirements for the products you're using.
To secure applications and prevent threats in an environment where new users and servers are constantly emerging, your security policy must be nimble. To be nimble, the firewall must be able to learn about new or modified IP addresses and consistently apply policy without requiring configuration changes on the firewall.
This capability is provided by the coordination between the VM Information Sources and Dynamic Address Groups features on the firewall. The firewall and Panorama provide an automated way to gather information on the virtual machine (or guest) inventory on each monitored source and create policy objects that stay in sync with the dynamic changes on the network.
  • Enable VM Monitoring to Track Changes on the Virtual Network
    VM information sources provides an automated way to gather information on the Virtual Machine (VM) inventory on each monitored source (host); the firewall can monitor the VMware ESXi, vCenter Server, AWS-VPC, Microsoft Azure VNet, and Google Cloud.
  • Attributes Monitored on Virtual Machines in Cloud Platforms
    As you provision or remove virtual machines in the private or public cloud, you can use a Panorama plugin, a VM Monitoring script, or the VM Information Source on the next-gen firewall to monitor changes on virtual machines (VMs) deployed in the virtual environments.
  • Use Dynamic Address Groups in Policy
    Dynamic Address Groups are used in policy. They allow you to create policy that automatically adapts to changes—adds, moves, or deletions of servers. It also enables the flexibility to apply different rules to the same server based on tags that define its role on the network, the operating system, or the different kinds of traffic it processes.