We hope this December edition of our monthly software firewall update finds you getting ready for the holidays and looking forward to a new and promising year.
In this month’s digest covering the latest VM-Series and CN-Series developments, you’ll be among the first to know about getting 5G-native security in VMware Tanzu Kubernetes Grid environments with CN-Series container firewalls. In the spirit of providing the gift of security everywhere, you’ll see why VM-Series firewalls are easier to deploy in even more public clouds, including the latest details on integration with the AWS Gateway Load Balancer (GWLB). Plus you’ll find tips on how to start the new year right in private clouds with information about migrating VM-Series deployments from VMware NSX-V to VMware NSX-T.
Get 5G-Native Security with CN-Series Firewalls in VMware Tanzu Kubernetes Grid (TKG) Environments
To secure highly distributed 5G networks—including edge clouds and across multivendor and multicloud environments—you can now enable three types of security on the CN-Series container firewall: network slice security, equipment ID security, and subscriber ID security. So how does this work? Starting with PAN-OS 10.0.3, CN-Series firewalls are supported on the VMware Tanzu Kubernetes Grid (TKG) platform, along with the Intel x710, macvlan, and Multus container network interfaces (CNIs). To learn more about what CN-Series firewalls can provide, visit our LIVECommunity page.
VM-Series Expands Its Ease of Deployment in Even More Public Clouds
Simplifying deployment is the gift that keeps giving. That’s why we’ve made it easier to deploy VM-Series firewalls in public clouds with the following capabilities:
Azure Custom VHD Support—You can now create a custom VM-Series firewall image for later use in your Azure deployment. You’ll thank yourself for using this approach because a custom image gives you the flexibility and consistency to deploy the VM-Series firewall with the PAN-OS version you want to use instead of being restricted to using only those images available though the Azure marketplace. Additionally, your custom image can include the latest content and antivirus updates. You can use this script to automate the process of creating the custom image. This feature is available beginning with VM-Series Plugin 2.0.3.
Community-Supported Terraform Template for IBM Cloud—You can use this Terraform template to create a VM-Series instance on IBM Cloud. The template is community supported.
Find the latest details about VM-Series Integration with AWS Gateway Load Balancer
Last month we announced the availability of integration between VM-Series virtual firewalls and the new AWS Gateway Load Balancer (GWLB). This integration makes it easy to deploy, scale, and manage VM-Series firewalls on Amazon Web Services (AWS). Here is additional information about this milestone integration:
Cloud Formation and Terraform templates for the AWS GWLB integration are published on GitHub. You can use these templates to create your own customized deployments. The templates are community supported.
Help Colleagues Understand Your Vital Security Work
Do folks on your team need a primer covering the complexities of hybrid infrastructure security? Point them toward this white paper full of helpful illustrations. From public and private clouds to on-premises data centers, they’ll see just why increased infrastructure complexity and interconnectivity significantly expand the attack surface. What’s more, this resource will walk them through the key characteristics of a security platform designed specifically for hybrid architectures and they’ll discover how our approach repels real-world threats such as ransomware, cryptojacking, and container worms.
Don’t Miss Other Recent VM-Series and CN-Series Firewall Technical Updates
Did you miss November’s update? Take a look for information about the exciting integration with the brand new AWS Gateway Load Balancer along with news about simplified public cloud bootstrapping options, support for new CNI plugins for CN-Series firewalls, added platform support, and more.