Co-authored by: Chintan Udeshi, Principal Product Manager
We are excited to announce that Palo Alto Networks has introduced AliCloud Gateway Load Balancer (GWLB) support for VM-Series firewalls, enabling enterprises to secure critical workloads with greater elasticity and ease. This integration addresses long-standing challenges in cloud network security by allowing organizations to automatically distribute traffic across multiple firewall instances in Alibaba Cloud, ensuring robust protection that scales dynamically without manual intervention.
The network security team in charge of protecting AliCloud applications using VM-Series have traditionally faced significant architectural hurdles. Conventional high-availability methods often lack scalability, require complex management, and can lead to issues such as asymmetric traffic. As applications grow, these static security models can become brittle, limiting both availability and flexibility. To solve these challenges, the AliCloud team launched the support for Gateway Load Balance (GWLB) in 2024.
The integration of VM-Series with Alibaba Cloud GWLB resolves these operational bottlenecks, delivering a cloud-native approach to high-performance security.
This integration is designed to help your organization achieve three primary outcomes:
How the integration works:
Figure 1: VM-Series integration with AliCloud GWLB
As shown in the figure above, the VM-Series is running behind the AliCloud GWLB in the security VPC. Each application VPC has a VPC end-point that establishes a private link between the application VPC and the security VPC and routes the traffic to the GWLB so it can be inspected by VM-Series for protection.
Once the traffic is inspected by VM-Series for malware and threats, it returns to the GWLB endpoint via GWLB, after which is forwarded to the destination application. While VM-Series is responsible for Layer-7 runtime protection, the AliCloud GWLB running in security VPC ensures traffic distribution among firewalls, high availability, health checks and fault tolerance.
Benefits of using VM-Series with AliCloud GWLB:
1. Scale security with dynamic traffic demands
Modern applications require infrastructure that adapts instantly to changing loads. The VM-Series with AliCloud GWLB integration enables horizontal scaling based on actual traffic volume, ensuring your security layers expand and contract in accordance with your business needs. This approach delivers inherent high availability and fault tolerance, allowing you to operate firewalls that maintain continuous uptime even during traffic spikes or instance failures.
2. Simplify architecture while retaining full network visibility
Maintaining deep visibility into network traffic is essential for effective threat detection and response. The integration provides transparent traffic inspection, ensuring that your security teams retain full visibility into source IPs and application flows without complex workarounds. By leveraging a cloud-native design, you can simplify network insertion and deploy Layer-7 runtime protection for your applications with minimal architectural friction.
3. Unify security posture across diverse cloud environments
For enterprises managing multi-cloud estates, operational consistency and ensuring consistent security posture across all platforms are vital to reducing risk. This new integration offers the same architecture as existing AWS and Azure GWLB integrations, providing a unified operational model across your major cloud providers. Through centralized policy and log management, your organization can enforce consistent security standards everywhere, streamlining operations and ensuring no coverage gaps exist between different cloud environments.
To learn more about about protecting AliCloud applications with AliCloud GWLB, check out: VM-Series on AliCloud GWLB Documentation Link
Please visit the VM-Series on AliCloud Marketplace listing to start using VM-Series to protect applications running on AliCloud today.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| Subject | Likes |
|---|---|
| 2 Likes | |
| 1 Like | |
| 1 Like | |
| 1 Like | |
| 1 Like |
