Configure Panorama To Use Multiple Interfaces
In a large-scale network, you can improve security and reduce congestion by implementing network segmentation, which
involves segregating the subnetworks based on resource usage, user roles, and security requirements. Panorama supports
network segmentation by enabling you to use multiple M-Series Appliance Interfaces for managing devices (firewalls,
Log Collectors, and WildFire appliances and appliance clusters) and collecting logs; you can assign separate interfaces
to the devices on separate subnetworks.
Using multiple interfaces to collect logs also provides the benefit of load balancing, which is particularly useful in
environments where the firewalls forward logs at high rates to the Log Collectors. If you enable the forward to all Log
Collectors setting in the Collector Group log forwarding preference list, logs are sent on all configured interfaces.
Otherwise, logs are forwarded over a single interface, and if that interface goes down, log forwarding continues over
the next configured interface. For example, suppose you configure Eth1/1, Eth1/2, and Eth1/3 for log forwarding. If the
Eth1/1 interface goes down, log forwarding continues over Eth1/2.
Because administrators access and manage Panorama over the MGT interface, securing that interface is especially important.
One method for improving the security of the MGT interface is to offload Panorama services to other interfaces. In addition to
device management and log collection, you can also offload Collector Group communication and deployment of software and
content updates to firewalls, Log Collectors, and WildFire appliances and appliance clusters. By offloading these services,
you can reserve the MGT interface for administrative traffic and assign it to a secure subnetwork that is segregated from the
subnetworks where your firewalls, Log Collectors, and WildFire appliances and appliance clusters reside.
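The following added example (not Palo Alto Networks code, and not a Panorama API or export format) audits a planned interface layout against the points above: MGT reserved for administrative traffic, MGT on a subnetwork separate from the managed devices, and more than one interface available for log collection. The data model, the service labels, and all addresses are assumptions constructed for the illustration.

```python
import ipaddress

# Services the page says can be moved off MGT (labels are this example's own).
OFFLOADABLE = {"device-management", "log-collection",
               "collector-group-communication", "software-content-updates"}

# Constructed sample plan, not exported from a real Panorama.
PLAN = {
    "MGT":    {"subnet": "10.0.0.0/24",  "services": {"admin", "log-collection"}},
    "Eth1/1": {"subnet": "10.10.1.0/24", "services": {"device-management", "log-collection"}},
    "Eth1/2": {"subnet": "10.10.2.0/24", "services": {"software-content-updates"}},
}
# Constructed subnetworks where firewalls, Log Collectors and WildFire appliances reside.
DEVICE_SUBNETS = ["10.10.1.0/24", "10.10.2.0/24", "10.0.0.128/25"]


def audit(plan, device_subnets):
    """Return a list of findings for an interface/service plan."""
    findings = []
    mgt = plan["MGT"]

    # 1. MGT should carry administrative traffic only.
    for svc in sorted(mgt["services"] & OFFLOADABLE):
        findings.append(f"MGT still carries offloadable service: {svc}")

    # 2. The MGT subnetwork must not overlap any subnetwork holding managed devices.
    mgt_net = ipaddress.ip_network(mgt["subnet"])
    for cidr in device_subnets:
        if mgt_net.overlaps(ipaddress.ip_network(cidr)):
            findings.append(f"MGT subnet {mgt_net} overlaps device subnet {cidr}")

    # 3. With a single log-collection interface there is no "next configured
    #    interface" for forwarding to continue on if it goes down.
    collectors = [name for name, iface in plan.items()
                  if name != "MGT" and "log-collection" in iface["services"]]
    if len(collectors) == 1:
        findings.append(f"log collection has no failover interface (only {collectors[0]})")
    return findings


if __name__ == "__main__":
    for finding in audit(PLAN, DEVICE_SUBNETS):
        print(finding)
```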