A system engineer is working on the Proof of Concept (POC) for Cloud Next-Generation Firewall (NGFW) for Azure using an existing Panorama setup. However, connection with the Cloud NGFW instance. What could be the cause of this issue?
A system engineer is working on the Proof of Concept (POC) for Cloud Next-Generation Firewall (NGFW) for Azure using an existing Panorama setup. However, connection with the Cloud NGFW instance. What could be the cause of this issue?
The issue could be due to the necessary ports 8443 and 443 for communication between Cloud NGFW and Panorama being blocked. Ports 8443 and 443 are essential for establishing a proper communication channel. Without these ports being open, the connection cannot be made, which would result in the system engineer facing connectivity issues with the Cloud NGFW instance.
Answer A is correct: (requires PAN-OS versions 10.2.8, 11.0.4, 11.1.2 or later). https://aws.amazon.com/marketplace/pp/prodview-mn63yjbq37n4c
Explanation: The system engineer needs to ensure that a valid device certificate is installed for device telemetry to successfully transmit telemetry data back to Palo Alto Networks. Without this certificate, the connection with the Cloud NGFW instance cannot be established https://docs.paloaltonetworks.com/cloud-ngfw/azure/cloud-ngfw-for-azure/panorama-policy-management/link-cngfw-to-panorama
Answer A, and link provided are about Advanced Threat Prevention. Correct answer therefore is C as explained by omgt2k2.