Palo Alto Networks NGFW
Updated Jan. 13 2022

The Palo Alto Networks - Venafi integration provides intelligent orchestration and management of machine identities for Palo Alto Networks Next Gen Firewalls.
Business Outcomes
  • Ensure confidentiality and integrity of communications

  • Streamline operations by eliminating manual provisioning

  • Increase security posture with properly identified machine identities

  • Prevent downtime and outages caused by expired certifictates

Integration Features
  • Create, renew, verify & revoke machine identities for Palo Alto Networks NGFW

  • Fully automate certificate renewal and deployment for Palo Alto Networks devices

  • Eliminate self-signed certificates and browser issues

Solution Overview

The Palo Alto Networks – Venafi integration provides intelligent orchestration and management of machine identities for Palo Alto Networks Next Gen Firewalls. Our other Palo Alto Networks integration handles automated provisioning of machine identities used in Palo Alto Networks policies for TLS inspection, but the Palo Alto Networks admin UI also uses a machine identity to secure communication. 

Usually, that certificate is self-signed, or requires manual intervention when it expires. With this integration, Palo Alto Networks administrators no longer need to worry about managing the lifecycle of the UI certificate.