Integrations

The Illumio integration with Palo Alto Networks NGFW allows organizations to collect and analyze firewall logs to enhance visibility, drive segmentation decisions, and improve their security posture. This integration combines Palo Alto Networks' native log-export capabilities and Illumio's real-time traffic visibility to allow security teams to make data-driven policy decisions.

There are two supported methods to send Palo Alto Networks logs to Illumio: directly from Palo Alto Networks or from Cribl.

Forward logs directly from the Palo Alto Networks Panorama instance to the Illumio Syslog Service using mTLS and then onboard these logs using the Log Exporter.

For customers who are using Cribl, you have the option to send logs directly from Cribl to the Illumio-hosted Azure Event Hub. The Cribl method is supported for select customers only, so contact Illumio Support if you want to use this method. See Enable Cribl to Send Palo Alto Networks Firewall Logs to Azure Event Hub.