This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Decrease In-Service Time for Amazon EC2 Auto Scaling with Warm Pools

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Decrease In-Service Time for Amazon EC2 Auto Scaling with Warm Pools

jmeurer
L2 Linker
‎07-19-2021 01:04 PM

warm-pools_LIVEcommunity.jpg

 

Today, Palo Alto Networks is excited to announce support for EC2 Auto Scaling Warm Pools. Warm Pools can reduce the in-service time for VM-Series firewalls by up to 80 percent by staging instances in a stopped state after the bootstrapping process. When an Auto Scaling action triggers a scaling event, the warmed instance is simply started from the already staged warm state. This staging is made possible by adding new lifecycle actions to trigger automation which validates the readiness of an instance.  

 

Here’s why this is important: For more than four years, Palo Alto Networks customers have been using VM-Series Next Generation Firewalls (NGFWs) with Amazon's EC2 Auto Scaling to create scalable and robust network security on AWS. Auto Scaling in AWS solves three major challenges:

 

  • Right-sizing capacity based on demand
  • Resiliency across Availability Zones
  • Self-healing unhealthy instances

 

Enhancing VM-Series Auto Scaling in AWS

While VM-Series and EC2 Auto Scale provide several benefits for our customers, there is still some unavoidable latency with the VM-Series NGFW bootstrap process. As an Auto Scaling Group begins to scale out new EC2 instances running PAN-OS, the initial boot process of the new instance(s) can take several minutes. Many customers have historically worked around this by over-provisioning NGFW instances on AWS; however, this leads to increased costs and wasted compute. 

 

Key benefits of Warm Pools:

  • Reduces EC2 cost by keeping the warmed instance in a stopped state.  Cost is reduced to just the EBS storage cost.
  • Dramatically reduces the time necessary for a firewall to become available to the load balance.
  • Provides dedicated lifecycle actions which can occur when an instance is built or moved from warm to running, including integrations with Amazon EventBridge and Amazon CloudWatch.

 

Figure 1: Lifecycle Hook Flow DiagramFigure 1: Lifecycle Hook Flow Diagram

Figure 1: Lifecycle Hook Flow Diagram

 

Licensing Considerations

Warms Pools works with both PayGo and our flexible consumption licensing model. When utilizing PayGo, no additional costs are incurred, as the firewall will not incur EC2 usage charges. Additional licenses will be consumed by the stopped firewalls when utilizing BYOL/FW-Flex.

 

To learn more, we encourage you to follow these links:

0 Likes Likes
  • 2838 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Labels
Popular Blogs
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks