How to Monitor PaloAlto Firewall Using eG Enterprise

eG Enterprise monitors the Palo Alto Firewall using an eG external agent that is deployed on a remote host. This eG agent polls the SNMP MIB of the firewall to fetch the statistics related to the firewall at configured intervals. Before attempting to monitor the firewall, ensure that the firewall is SNMP-enabled.

Managing the PaloAlto Firewall

eG Enterprise can automatically discover the PaloAlto Firewall and also lets you to manually add the component if the firewall is not discovered. To manage a PaloAlto Firewall component, do the following:

  1. Log into the eG administrative interface.
  2. If the PaloAlto Firewall is already discovered, then directly proceed towards managing it using the COMPONENTS – MANAGE/UNMANAGE page.
  3. However, if it is yet to be discovered, then run discovery (Infrastructure -> Components -> Discover) to get it discovered or add the component manually using the COMPONENTS page (Infrastructure -> Components -> Add/Modify). Remember that components manually added are managed automatically. Discovered components, however, are managed using the COMPONENTS – MANAGE / UNMANAGE page.
  4. To add the PaloAlto Firewall component manually, follow the Components -> Add/Modify menu sequence in the Infrastructure tile of the Admin menu.
  5. In the COMPONENT page that appears next, select PaloAlto Firewall as the Component type. Then, click the Add New Component button. This will invoke Figure 1.

    fig1

    Figure 1 : Adding a PaloAlto Firewall

  6. Specify the Host IP/Name and Nick name of the PaloAlto Firewall in Figure 1. Then, click the Add button to add the firewall for monitoring.

Configuring the tests

  1. When you attempt to signout of the eG administrative interface, a list of unconfigured tests listing the tests requiring manual configuration, will appear (see Figure 2).

    fig2

    Figure 2 : List of unconfigured tests for the PaloAlto Firewall

  2. Click on any test in the list of unconfigured tests. For instance, click on the PaloAlto GlobalProtect Gateway test to configure it. In the page that appears, specify the parameters as shown in Figure 3.

    Figure 3 : Configuring the PaloAlto GlobalProtect Gateway test

  3. To know how to configure the PaloAlto Firewall specific tests, refer to Monitoring PaloAlto Firewall chapter.
  4. Once again, try to signout of the administrative interface. This time you will be prompted to configure the Host Processes test. To know the details on configuring this test, Host Processes Test.
  5. Finally, signout of the eG administrative interface.