//
you're reading...
IT & TECHNOLOGY, Palo Alto Networks

Tech Docs: Simplify Firewall Management Using Template Stacks


PANW-New-Logo-3

TechDocs_logo_lrg_final[1]

How Do Template Stacks Help Me Manage Firewalls?

Managing how firewalls operate in your network can be complex, especially if their locations and functions affect the settings you configure. Firewalls in one country might communicate with a different DNS server than firewalls in another country. Operations center firewalls might have different administrators than branch office firewalls. At the same time, maybe all your firewalls use the same roles for those administrators. You can simplify management by using a Panorama template to configure the settings that are common to all the firewalls in a particular location or functional group. However, if you have to manage both common and unique settings across many firewall groups, templates would be even more useful if you could modularize and reuse a few (building-block templates) to create many combinations. Template stacks make this not only possible, but easy.

Assigning firewalls to a template stack eliminates the need to configure common settings in each template because the firewalls inherit the settings from all the building-block templates in the stack. You can reduce both the number of templates and the number of settings in each by modularizing: create one template with common settings and function- or location-specific templates with unique settings. This approach is a lot less work than configuring all the common and unique settings in each template for each firewall group.

How Do I Configure a Template Stack?

The following infographic describes how to configure a template stack. The steps are:

  1. Plan the templates and their priority order. If multiple templates have the same settings, the settings in higher priority templates override lower priority templates.
  2. Create the templates.
  3. Create the template stack and assign templates (in the desired priority order) and firewalls to the stack.

template stacks

(Click to view downloadable PDF.)

For detailed instructions, refer to Configure a Template Stack in the PAN-OS 7.1 Administrator’s Guide.

[Palo Alto Networks Research Center]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Web Stats

  • 119,380 hits
@PhilipHungCao

@PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,247 other followers

Twitter Updates

Archives

June 2016
M T W T F S S
« May   Jul »
 12345
6789101112
13141516171819
20212223242526
27282930  
%d bloggers like this: