With the Panorama plugin for VM-Series installed. Panorama can collect a predefined set of attributes from which services in Amazon Web Services (AWS) as tags and populate it in the VM-Series firewall?
With the Panorama plugin for VM-Series installed. Panorama can collect a predefined set of attributes from which services in Amazon Web Services (AWS) as tags and populate it in the VM-Series firewall?
The Panorama plugin for VM-Series can collect a predefined set of attributes specifically from EC2 instances in Amazon Web Services (AWS) as tags and populate these in the VM-Series firewall. This allows the firewall to create IP-to-tag mappings which can be used for dynamic address groups to manage security policies dynamically based on the attributes of the EC2 instances.
"D" is correct. The plug-in can monitor the EC2 instances in the VPC, collects the attributes assigned to the EC2 instances, and create IP-to-Tag mappings which can then be used for dynamic address groups. The plug-in polls the attributes of all the EC2 instances, not the VPCs. However... you configure the the plug-in to watch VPCs for EC2, not the EC2 instances themselves. Therefore, "D" is the answer since that's where the actual tag data is located. https://docs.paloaltonetworks.com/vm-series/11-1/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/about-aws-vm-monitoring/set-up-vm-monitoring-on-aws