Device telemetry collects data about your next-generation firewall or Panorama and shares it with Palo Alto Networks by uploading the data to Cortex Data Lake. This data is used to power telemetry apps, which are cloud-based applications that make it easy to monitor and manage your next-generation firewalls and Panoramas. These apps improve your visibility into device health, performance, capacity planning, and configuration. Through these apps, you can maximize the benefits you enjoy from the products and services that Palo Alto Networks delivers.

Telemetry data is also used for sharing threat intelligence, providing enhanced intrusion prevention, evaluation of threat signatures, as well as improved malware detection within PAN-DB URL filtering, DNS-based command-and-control (C2) signatures, WildFire, and to further improve Palo Alto Networks products and services. Review the PAN-OS Privacy information data sheet for details about the data that Palo Alto Networks collects.

(PAN-OS version 11.0.1 and later versions of 11.0) Palo Alto Networks auto-enables device telemetry collection. See Disable Device Telemetry to manually opt out of device telemetry collection.

Telemetry data is collected and stored locally on your device for a limited period of time. This data is shared with Palo Alto Networks only if you configure a destination region for the data. If your organization has a Cortex Data Lake license, then you can only send the data to the same region as where your Cortex Data Lake instance resides. If your organization does not have a Cortex Data Lake license, then you must install a device certificate in order to share this data. In this case, you can choose any available region, although you must conform to all applicable local laws regarding privacy and data storage.

Palo Alto Networks doesn't include data in transit as telemetry data sent to the Palo Alto Networks cloud and AIOps. Visit the PAN-OS Privacy for more information about telemetry privacy.

Telemetry data is collected and shared with Palo Alto Networks on predefined collection intervals. You can control whether data is collected and shared by enabling/disabling categories of data. You can also monitor the current status of data collection and transmission.

Finally, you can obtain a live sample of the data that your firewall is collecting for telemetry purposes. For a complete description of all the telemetry metrics that can be shared with Palo Alto Networks, including the privacy implication for each metric, see the PAN-OS Device Telemetry Metrics Reference Guide.