Network technologies and trends

Sep 19 2015   4:43PM GMT

Palo Alto Networks Firewall Configuration Management Auditing

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

Configuration management

Palo Alto Network Firewall offers configuration-auditing feature, using this feature one can compare any two configuration files and see the difference. Palo Alto firewalls after comparing any two configuration files, highlights the differences using color coding schemes. Following color codes are used to highlight the changes in comparison between any two configuration files.

Yellow: Indicates a change

As you can see from the below snap shot when the Palo Alto Networks Firewall was started it didn’t had any IP address assigned to interface Ethernet 1/1

After adding an IP address the audit result shows the addition in Yellow color

Screen Shot 2015-09-19 at 7.40.04 PM

Green: Indicates an addition

The below snapshot shows an that Ethernet 1/1 was added to virtual router and this reflected by green color.

Screen Shot 2015-09-19 at 7.26.38 PM

Red: indicates a deletion

The below snapshot clearly shows that virtual router was deleted and its been highlighted in red color.

Screen Shot 2015-09-19 at 7.30.09 PM

This innovative and graphical way of doing comparison between different versions of configuration proves to be a very handy tool for troubleshooting. These kinds of tiny little features makes Palo Alto Networks Firewall really of the next generation. Palo Alto came out with some unique features which differentiates them from rest of the player.

1  Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • ranjith79
    this is an old feature already seen with different vendor..
    10 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: