Background
Palo Alto Networks firewalls support a process known as ‘bootstrapping’ which allows you create a repeatable way of provisioning your new firewalls. It allows you deploy basic configuration to the firewall upon startup.
I often need a Palo Alto firewall to test new features or just to try out a lab exercise. But a hardware appliance is not always available. Running a virtual firewall in a home lab environment using GNS3 or Eve-ng is useful. But typically, I need to be connected to the home network to use … Read more
I recently had a requirement to review the Panorama configuration for a specific template. One option would have been to log on to the Panorama GUI, select the template and start going through each tab and option in Panorama to see all the configuration in that template. But this would have been time consuming. I … Read more
In this post, I cover the upgrade of a Palo Alto firewall using an Ansible playbook. Even though this playbook covers the upgrade of a single firewall, the real benefit comes where you have tens or hundreds of firewalls to upgrade. With the same playbook, you can upgrade all the firewalls simply by ensuring that … Read more
Palo Alto Networks firewalls support a process known as ‘bootstrapping’ which allows you create a repeatable way of provisioning your new firewalls. It allows you deploy basic configuration to the firewall upon startup.
Prisma Cloud is an API-based cloud service from Palo Alto Networks that connects to your cloud environments in just minutes and aggregates volumes of raw configuration data, user activity information, and network traffic to analyze and produce concise and actionable insights.
In an earlier post, I showed how to retrieve credentials from AWS Secrets Manager using Ansible. This can be a useful way to get around storing sensitive credentials within your code repositories.
This post will show how to achieve the same thing using Python.
I recently had a requirement to install Cortex XSOAR Community edition in AWS.
First thing I suggest you do is idenfify the requirements of the host server. This is well-documented by Palo Alto Networks here.
For my installation, I provisioned an instance in AWS with the following details: