Panorama Performance Mode

Overview

From R24-1 PGA.0.0, TOS Aurora contains an enhanced mode that improves the performance for Palo Alto Panorama devices. This mode is not set by default in the current release, but will be the default mode in the future.

This enhanced performance mode also extends capabilities for Panorama devices:

  • Topology support for Panorama-managed Prisma Access

  • Automation support for Panorama DAG with ACI tags

  • Panorama rules' UUID visibility in Rule Viewer

Note that these capabilities will not work without the enhanced mode.

Limitations

When you activate the enhanced mode, there are two known issues that will occur after the next revision. You should ignore both of these issues.

  • In the Rule History page, there will be an Id on Device entry in the Context column, indicating a modification for this parameter. Note that there are no changes to the rules themselves.

  • In the Summary section of the Compare tab, when generating a report between the newest revision (after the enhancement) and the revision before the enhancement, you will see unnecessary changes for several features such as Network Objects, Services, or Applications.

Enable Performance Mode

Run the API:

Request URL

https://<ST_IP>/securetrack/api/stconf/

Request Method

PUT

Content-Type

JSON

Request Query Parameters

None

Request Body (true/false)

{ "conf":
    {
        "enable_panorama_rest_api" : true
    }
}
{ "conf": { "enable_panorama_rest_api" : true } }

Disable Performance Mode

Run the API:

Request URL

https://<ST_IP>/securetrack/api/stconf/

Request Method

PUT

Content-Type

JSON

Request Query Parameters

None

Request Body (true/false)

{ "conf":
    {
        "enable_panorama_rest_api" : false
    }
}
{ "conf": { "enable_panorama_rest_api" : false } }