The Palo Alto Network
Palo Alto Network hardware is incredibly powerful and complex. Most infrastructures have a team of specialists to handle the configuration and ongoing maintenance of this equipment. But siloing this team away from the rest of your IT department causes operational inefficiencies that lead to increased costs, consistency concerns, and dramatically reduced velocity.
As the speed of business increases every year, the resistance to change that these inefficiencies cause becomes more and more of a blocker.
Puppet's supported puppetlabs-panos
module allows users to manage Palo Alto Network devices the same way you manage the rest of your infrastructure. It does not replace your team of network experts, but allows them to use the same tools, languages, and deployment pipelines as other teams, dramatically improving collaboration.
The Palo Alto module automates the management of devices running multiple Palo Alto Network OS versions (from 7.1 and 8.1) and provides enhanced consistency in the management of both on-premises and cloud devices. It also supports network security devices using the same desired state management, allowing you to create and update security rules just like any other Puppet resource.
The module uses Puppet's resource API and our device model, meaning that it operates in agentless mode, interacting with Palo Alto firewalls using the PANOS XML API.
Further Reading:
- See the
puppetlabs-panos
on the Forge.