One console for your
entire Ranger fleet.

RangerPortal brings every PacketRanger and ZoneRanger instance under a single pane of glass. Centralized sign-on, role-based access, fleet-wide visibility and one place to manage every pipeline.

Single sign-on

• API driven

MCP Ready

rangerportal · fleet overview
Ask which appliances are dropping events?
pr-edge-01
PacketRanger · v2.9
142k EPS
pr-core-02
PacketRanger · v2.9
98k EPS
zr-dmz-07
ZoneRanger · cert expiring
healthy
pr-cloud-03
PacketRanger · GCP
61k EPS

WHAT RANGERPORTAL DOES

Manage many instances as if they were one.

Stop logging into appliances one by one. RangerPortal centralizes identity, access and visibility across your whole Ranger deployment, with API- and AI-driven automation.

Single pane of glass

Every PacketRanger and ZoneRanger instance, on-prem or cloud, in one fleet view with live health and throughput.

Centralized sign-on

Connect your identity provider over OIDC or SAML. One login, enforced everywhere — no per-appliance accounts.

Role-based access

Map IdP groups to roles. Grant Viewer, Operator or Administrator scope per team and per instance.

Fleet-wide analytics

Aggregate pipeline statistics, volumetric baselines and anomaly signals across instances in one dashboard.

Config & policy

Review destinations, forwarding rules and filters across the fleet, and push consistent policy from one place.

Audit & alerting

Track who changed what, when — with health alerts for certificate expiry, drops and instance reachability.

AI & MCP control

Connect AI assistants to RangerPortal over MCP. Ask about fleet health, investigate issues, and push config across instances in natural language, always under your control.

API-first & automatable

Drive every fleet operation through a full REST API — onboard instances, push policy and pull metrics. Built for IaC and GitOps.

Fast time to value

Point RangerPortal at your instances and manage the whole fleet from day one. No agents to deploy, no per-box setup.

HOW IT WORKS

It manages the fleet — it never touches the data path.

RangerPortal sits out-of-band above your Ranger estate: it pushes policy and configuration down, and pulls state and telemetry up, adding control without adding latency.

Management Plane RangerPortal Unified management & control plane Identity & Access Fleet Config Health & Analytics Policy & Audit Push ↓ RangerPortal → instances Policy Configuration Patches & updates Certificates Pull ↑ instances → RangerPortal Config state Traffic & flow stats Node health Metrics Managed instances · data plane PacketRangeredge PacketRangercore PacketRangercloud ZoneRangeracross boundaries

IDENTITY & ACCESS

Secure by design, governed by your IdP.

RangerPortal delegates authentication to the identity provider you already run, so access follows your existing joiner-mover-leaver process — not a separate set of local credentials.

  • OIDC & SAML federation with providers like Keycloak, Okta and Entra ID
  • Group-to-role mapping for least-privilege access across instances
  • Granular roles — Viewer, Operator, Administrator
  • Full audit trail of configuration and access events
  • High-availability deployment with read-only replica support

Bring your whole fleet into one view.

See how RangerPortal centralizes management across PacketRanger and ZoneRanger.

Get Started
See a Demo
Get Started