Securing Workloads in GCP with VM-Series


Securing Workloads in GCP with the VM-Series

In addition to securing traditional IaaS workloads, you can manually build out a Zero Trust security posture using the Palo Alto Networks Virtual firewall. 

 

VM-Series in GCP

In GCP, you can use the VM-Series as an ingress security gateway for traditional IaaS workloads. The VM-Series augments the native security functionality offered by GCP by delivering first-class application visibility, control, and threat prevention. VM-Series support for Zero Trust further strengthens our capabilities in cloud security and will help you accelerate your journey to the cloud with consistent and comprehensive protection across the Google Cloud environment.

 

Protecting your GCP Workloads with the VM-Series

 

Figure: Inbound autoscaling architecture with the VM-Series.

 

 

Panorama Plugin for Google Cloud Platform

VM-Series support for GCP relies on Panorama as the orchestrator. The Panorama plugin for GCP secures inbound traffic to IaaS workloads. It monitors the deployment state of the template and keeps the device count consistent with the instance group. The plugin queries for services that are labeled and assigned a valid port value, and uses that port to create an inbound NAT rule on the VM-Series firewall. When traffic hits the firewall on that specified port, Panorama applies the inbound NAT rule for that port and routes the packet to its destination.
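The label-to-NAT-rule flow described above can be modeled as a small audit script that shows which labeled services would end up exposed through the firewall. This is an added example, not the plugin's code: the label key `example-fw-port`, the inventory format, and the choice to reject a second service claiming an already-used port are all assumptions, since the page does not specify them.

```python
from dataclasses import dataclass

# Hypothetical label key; the page does not name the label the plugin reads.
PORT_LABEL = "example-fw-port"

@dataclass(frozen=True)
class NatRule:
    name: str
    listen_port: int   # port traffic arrives on at the firewall
    dest_ip: str       # backend service address
    dest_port: int     # backend service port

def parse_port(value):
    """Return an int in 1..65535, or None when the label value is not a valid port."""
    if not (isinstance(value, str) and value.isascii() and value.isdigit()):
        return None
    port = int(value)
    return port if 1 <= port <= 65535 else None

def plan_nat_rules(services, label=PORT_LABEL):
    """Return (rules, skipped) for an inventory of service dicts."""
    rules, skipped, claimed = [], [], {}
    for svc in services:
        raw = svc.get("labels", {}).get(label)
        if raw is None:
            continue  # unlabeled services get no inbound rule
        port = parse_port(raw)
        if port is None:
            skipped.append((svc["name"], f"invalid port {raw!r}"))
        elif port in claimed:
            # Assumed policy: first claimant wins, later ones are reported.
            skipped.append((svc["name"], f"port {port} already used by {claimed[port]}"))
        else:
            claimed[port] = svc["name"]
            rules.append(NatRule(f"inbound-{svc['name']}", port,
                                 svc["ip"], svc["target_port"]))
    return rules, skipped

# Constructed sample inventory (not real data).
SERVICES = [
    {"name": "web", "ip": "10.0.2.10", "target_port": 8080, "labels": {PORT_LABEL: "80"}},
    {"name": "api", "ip": "10.0.2.11", "target_port": 9000, "labels": {PORT_LABEL: "80"}},
    {"name": "db", "ip": "10.0.2.12", "target_port": 5432, "labels": {}},
    {"name": "admin", "ip": "10.0.2.13", "target_port": 8443, "labels": {PORT_LABEL: "70000"}},
    {"name": "cache", "ip": "10.0.2.14", "target_port": 6379, "labels": {PORT_LABEL: "http"}},
]

if __name__ == "__main__":
    planned, rejected = plan_nat_rules(SERVICES)
    for rule in planned:
        print("rule:", rule)
    for name, reason in rejected:
        print("skipped:", name, "-", reason)
```

Reviewing the skipped list alongside the planned rules is the useful part for an audit: anyone who can label a service can request inbound exposure, so label changes deserve the same review as firewall rule changes.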

 

 

Automated Deployment

For the GCP Auto Scale architecture, the template automates the deployment. For the autoscaling template, the Panorama plugin configures the static information needed to automatically route traffic. NAT rules are added to perform address translation on inbound packets, ensuring that the initial traffic, as well as the return traffic, passes through the firewall. This deployment model provides a seamless cloud-centric approach to using the VM-Series to secure IaaS workloads in the cloud. 

 

You can launch or download the GCP Auto Scale templates on GitHub using the following link:

 
We encourage you to read more about this integration by reviewing the solutions brief attached below.
 
You may also find more information about Google Cloud Platform on the LIVEcommunity: VM-Series on GCP resource page.