PAN-OS 8.0: Accelerating Large-Scale, Multi-Cloud Deployments

Organizations are adopting AWS and Azure for their production workloads at a rapid pace. Simultaneously, private cloud and virtualization initiatives continue to expand and evolve. Regardless of virtualization environment or public cloud vendor, organizations must protect business-critical applications and data from cybercriminals with a consistent security policy.

In our PAN-OS 8.0 release, we announced new products and security features designed to accelerate large scale, multi-cloud deployments. Our VM-Series has been optimized and expanded to deliver up to 16 Gbps of firewall throughput with App-ID enabled across five models. Integration features now enable customers to build secure, cloud-centric architectures on Amazon Web Services (AWS) and Microsoft Azure. Plus, new workflow automation features accelerate and streamline firewall deployments for VMware NSX and KVM.

Enterprise-Class Security for Workloads in the Public Cloud

Given the agility and scalability advantages, more and more business-critical workloads and data exist in the public cloud. The VM-Series offers seamless integration with native cloud resources in both AWS and Azure to enable customers to build secure, highly available cloud-centric architectures that are scalable and resilient. Key improvements include:

• Optimized Performance
  • Our current VM-100 and VM-300 have been optimized to deliver up to 2-4 times their existing performance with 2 Gbps and 4 Gbps of firewall throughput with App-ID enabled for hybrid cloud, segmentation and internet gateway use cases.
• VM-Series for AWS
  • More robust monitoring, including the ability to export and send a range of existing capability and performance metrics directly from PAN-OS to AWS CloudWatch, enables the VM-Series to participate more fully in AWS deployments.
  • Azure Application Gateway integration and CloudWatch metrics join the existing Auto Scaling for the VM-Series on AWS integration. These capabilities use AWS services and PAN-OS automation tools to deliver dynamic scalability and cloud-centric availability.
• VM-Series for Azure
  • Integration with Azure Application Gateway and Load Balancer allows customers to support security scale out and resiliency to address high availability requirements.

Enterprise-Class Security for Private Cloud Deployments

Organizations are expanding their private cloud and network functions virtualization (NFV) initiatives in different ways, and the breadth of use cases simply cannot be addressed with a one-size-fits-all product that is manually deployed. PAN-OS 8.0 expands and optimizes the VM-Series to deliver App-ID enabled throughput of up to 16 Gbps to address a variety of use cases.

• The new VM-50 is optimized for customer scenarios that range from virtual branch office/customer premise equipment (vCPE) to high-density, multi-tenancy environments, delivering up to 200 Mbps of App-ID enabled firewall performance with minimal resource consumption.
• The new VM-500 and VM-700 deliver 8 Gbps to 16 Gbps of App-ID enabled firewall performance and can be deployed as NFV security components in fully virtualized data center and service provider environments.

The PAN-OS 8.0 release also further automates complex security policy workflows for VMware NSX and KVM deployments.

• VMware NSX – Security policy creation and response to security events within software-defined data center (SDDC) environments is now simplified and automated through Panorama network security management.
• OpenStack/KVM – Support for config-drive for meta-data sharing simplifies the automation workflows required to deploy and customize the VM-Series for KVM with OpenStack.

With PAN-OS 8.0, Palo Alto Networks customers can leverage the expanded VM-Series to reap the benefits of a cloud security feature set that mirrors their physical networks, delivering a consistent security posture across their infrastructure, from the network to the cloud. New cloud-focused customers can protect workloads with next-generation security features that support consistent policy enforcement through superior visibility, control and threat prevention – all at the application level.

To learn more, visit Securely Enabling Public and Private Clouds. You’ll find a host of cloud-focused security materials, ranging from informational videos and in-depth demos to detailed datasheets and user guides.