• PA-7000 Series Firewalls. 

• PA-7000 Series firewalls support two log card models, Log Processing Card (LPC) and Log Forwarding Card (LFC). 
• PA-7000 Series firewalls either can be installed with Log Processing Card (LPC) or Log Forwarding Card (LFC), but not both. 

This article explains the difference between the two models.

Log Processing Card (LPC): 

• The Log Processing Card (LPC) is a dedicated log card that performs all logging functions and stores the dataplane logs locally on the firewall. 
• The Log Processing Card (LPC) can also be configured to forward logs to an external log collection system that you define, like panorama, syslog server, SNMP server etc. 
• As the logs are stored locally on the firewall, all the logs can be viewed under monitoring tab and also the ACC reports can be viewed when using Log Processing Card (LPC).  

      

• LPC installed on the firewall can be checked as below, 

admin@PA-7050-A(active)> show chassis inventory 

Slot       Component            Serial Number   Ports  Revision  Power (w)      
           Chassis              0xxxxxxxxxx9           1.0                      

1          PA-7000-20GXM-NPC    0xxxxxxxxxx5    24     1.0       350            
2          PA-7000-20G-NPC      0xxxxxxxxxx0    24     1.0       350            
3          PA-7000-20G-NPC      0xxxxxxxxxx3    24     1.0       350            
4          PA-7050-SMC          0xxxxxxxxxx8    0      2.0       300            
5          empty                                                                
6          empty                                                                
7          empty                                                                
8          PA-7000-LPC          0xxxxxxxxxx2    0      1.0       300

Log Forwarding Card (LFC): 

• The Log Forwarding Card (LFC) is a high-performance log card that forwards all dataplane logs (like traffic and threat logs for example) from the firewall to one or more external logging systems, such as Panorama or a syslog server. 
• This LFC hardware model was introduced along with Pan-OS 9.0 release. 
• As the dataplane logs are no longer available on the local firewall, the ACC tab is removed from the management web interface.
• Also Monitor > Logs contain only management logs (Configuration, System, and Alarms) and all other dataplane logs like Traffic, Threat , Url-Filtering, Data-Filtering etc are removed from Web-UI of the firewall.

     

• LFC installed on the firewall can be checked as below, 

admin@PA-7050-B(passive)> show chassis inventory

Slot       Component            Serial Number   Ports  Revision  Power (w)      
           Chassis              0xxxxxxxxxx8           1.0                      

1          PA-7000-100G-NPC-A   0xxxxxxxxxx9    28     1.0       430            
2          PA-7000-100G-NPC-A   0xxxxxxxxxx6    28     1.1       430            
3          empty                                                                
4          PA-7050-SMC-B        0xxxxxxxxxx4    0      1.0       500            
5          empty                                                                
6          empty                                                                
7          empty                                                                
8          PA-7000-LFC-A        0xxxxxxxxxx8    10     1.0       240