What Panorama modes are available on Virtual Machines

In this mode, the Panorama virtual appliance supports a local Log Collector with 1 to 12 virtual logging disks (see Deploy Panorama Virtual Appliances with Local Log Collectors). Each logging disk has 2TB of storage capacity for a total maximum of 24TB on a single virtual appliance and 48TB on a high availability (HA) pair. This mode enables you to add multiple virtual logging disks without losing logs on existing disks. Panorama mode also provides the benefit of faster report generation. In Panorama mode, the virtual appliance does not support NFS storage. As a best practice, deploy the virtual appliance in Panorama mode to optimize log storage and report generation.

In this mode, the Panorama virtual appliance receives and stores firewall logs without using a local Log Collector (see Deploy Panorama Virtual Appliances in Legacy Mode with Local Log Collection). By default, the virtual appliance in Legacy mode has one disk partition for all data. Approximately 11GB of the partition is allocated to log storage. For more storage, virtual disk of up to 8TB can be added on ESXi 5.5 and later versions or on vCloud Air. 

In this mode, the Panorama virtual appliance is a dedicated management appliance for your managed devices and Dedicated Log Collectors.In this mode, an appropriately resourced Panorama virtual appliance can manage up to 5,000 firewalls. The Panorama virtual appliance has no log collection capabilities except for config and system logs and requires a Dedicated Log Collector to these store logs. By default, the virtual appliance in Management Only mode has only one disk partition for all data so all logs forwarded to a Panorama virtual appliance in Management Only mode are dropped. To store the log data from your managed appliances, you must configure log forwarding in order to store the log data from your managed devices. 

In this mode, the Panorama virtual appliance functions as a Dedicated Log Collector. This is useful If multiple firewalls forward large volumes of log data. Here Panorama virtual appliance in Log Collector mode provides increased scale and performance. In this mode, the appliance does not have a web interface for administrative access; it has only a command line interface (CLI). The appliance can be managed using the web interface of the Panorama management server. CLI access to a Panorama virtual appliance in Log Collector mode is necessary only for initial setup and debugging. For configuration details, see Deploy Panorama with Dedicated Log Collectors.