The Paloalto Panorama connector integrates with the Palo Alto Networks® Panorama and supports containment actions such as blocking URLs or IP addresses on the devices configured on Panorama.
This document provides information about the Paloalto Panorama connector, which facilitates automated interactions with Palo Alto Networks® Panorama using FortiSOAR™ playbooks. Add the Paloalto Panorama connector as a step in FortiSOAR™ playbooks and perform automated operations, such as blocking or unblocking URLs, IP addresses, or applications that you have specified and retrieving a list of connected firewalls from Panorama.
Connector Version: 1.0.1
Authored By: Fortinet
Certified: No
Following enhancements have been made to the PaloAlto Panorama connector in version 1.0.1:
Updated the name of the connector from Panorama to PaloAlto Panorama.
Renamed the List of Connected Firewalls operation to Get Connected Firewalls.
Updated the configuration parameter name Address Group to IP Address Group.
All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum
command to install connectors:
yum install cyops-connector-paloalto-panorama
For the detailed procedure to install a connector, click here.
For the procedure to configure a connector, click here.
The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Block IP | Blocks the IP address that you have specified on all or selected devices configured on Panorama. | block_ip Containment |
Unblock IP | Unblocks the IP address that you have specified on all or selected devices configured on Panorama. | unblock_ip Remediation |
Block URL | Blocks the URL that you have specified on all or selected devices configured on Panorama. | block_url Containment |
Unblock URL | Unblocks the URL that you have specified on all or selected devices configured on Panorama. | unblock_url Remediation |
Block Application | Blocks the application that you have specified on all or selected devices configured on Panorama. | block_app Containment |
Unblock Application | Unblocks the application that you have specified on all or selected devices configured on Panorama. | unblock_app Remediation |
Get Connected Firewalls | Retrieves a list of all configured firewalls from Panorama. |
Parameter | Description |
---|---|
IP Address | IP address that you want to block using Panorama. |
Device group to configure | Device group on which you want to block the IP address. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
IP Address | IP address to unblock using Panorama. |
Device group to configure | Device group on which you want to block the IP address. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
URL | URL to block using Panorama. |
Device group to configure | Device group on which you want to block the URL. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
URL | URL to unblock using Panorama. |
Device group to configure | Device group on which you want to unblock the URL. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Application Name | Name of application to block using Panorama. |
Device group to configure | Device group on which you want to block the application. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Application Name | Name of application to unblock using the Panorama. |
Device group to configure | Device group on which you want to unblock the application. |
The output contains a non-dictionary value.
None.
The output contains a non-dictionary value.
The Sample - Paloalto-Panorama - 1.0.1
playbook collection comes bundled with the Paloalto Panorama connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Paloalto Panorama connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
The Paloalto Panorama connector integrates with the Palo Alto Networks® Panorama and supports containment actions such as blocking URLs or IP addresses on the devices configured on Panorama.
This document provides information about the Paloalto Panorama connector, which facilitates automated interactions with Palo Alto Networks® Panorama using FortiSOAR™ playbooks. Add the Paloalto Panorama connector as a step in FortiSOAR™ playbooks and perform automated operations, such as blocking or unblocking URLs, IP addresses, or applications that you have specified and retrieving a list of connected firewalls from Panorama.
Connector Version: 1.0.1
Authored By: Fortinet
Certified: No
Following enhancements have been made to the PaloAlto Panorama connector in version 1.0.1:
Updated the name of the connector from Panorama to PaloAlto Panorama.
Renamed the List of Connected Firewalls operation to Get Connected Firewalls.
Updated the configuration parameter name Address Group to IP Address Group.
All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum
command to install connectors:
yum install cyops-connector-paloalto-panorama
For the detailed procedure to install a connector, click here.
For the procedure to configure a connector, click here.
The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Block IP | Blocks the IP address that you have specified on all or selected devices configured on Panorama. | block_ip Containment |
Unblock IP | Unblocks the IP address that you have specified on all or selected devices configured on Panorama. | unblock_ip Remediation |
Block URL | Blocks the URL that you have specified on all or selected devices configured on Panorama. | block_url Containment |
Unblock URL | Unblocks the URL that you have specified on all or selected devices configured on Panorama. | unblock_url Remediation |
Block Application | Blocks the application that you have specified on all or selected devices configured on Panorama. | block_app Containment |
Unblock Application | Unblocks the application that you have specified on all or selected devices configured on Panorama. | unblock_app Remediation |
Get Connected Firewalls | Retrieves a list of all configured firewalls from Panorama. |
Parameter | Description |
---|---|
IP Address | IP address that you want to block using Panorama. |
Device group to configure | Device group on which you want to block the IP address. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
IP Address | IP address to unblock using Panorama. |
Device group to configure | Device group on which you want to block the IP address. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
URL | URL to block using Panorama. |
Device group to configure | Device group on which you want to block the URL. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
URL | URL to unblock using Panorama. |
Device group to configure | Device group on which you want to unblock the URL. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Application Name | Name of application to block using Panorama. |
Device group to configure | Device group on which you want to block the application. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Application Name | Name of application to unblock using the Panorama. |
Device group to configure | Device group on which you want to unblock the application. |
The output contains a non-dictionary value.
None.
The output contains a non-dictionary value.
The Sample - Paloalto-Panorama - 1.0.1
playbook collection comes bundled with the Paloalto Panorama connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Paloalto Panorama connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.