What are the management options for Palo Alto firewalls?

There are a lot of ways you can manage and configure your Palo Alto firewalls. The 4 ways are: Web interface, CLI, Panorama, and XML API. This is a topic on the Palo Alto NGFW Engineer exam I will be taking next month. Here are how you can use them:

Web Interface - You are able to configure and monitor the firewall over HTTP/HTTPS from a web browser. You will need to set up a management IP, by default this is 192.168.1.1.

CLI - You can configure and monitor the device by accessing hte CLI through a few ways. You can use Telnet (Not recommended), SSH, or the consoling into the console port. You then use a terminal emulator program like Putty or SecureCRT (My favorite).

Panorama is also a form of web-based management allowing you do to logging, configuration, and reporting in a centralized hub. It has more feature then the normal web interface. To be able to use this you will need a license for Panorama and also need to set it up then onboard the devices you want to manage through the centralized dashboard.

This gives us a REST-Based interface to access device config, status, report, and also do packet captures. There is an API Browser available on the firewall: https://<hostname/ip>/api. I am not an expert on this but there are some great guides on youtube if you look up Palo Alto REST API.