Panorama VM

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Panorama VM

L0 Member

We are planning to migrate from physical M-500 appliance to virtual Pan VM. Which would be a better option to deploy it considering the availability, complexity of deployment and others. We don't use Aws in our environment most of the work is done on VMware side but we are ready to use Aws given the options. Let me know your thoughts and any other things I should consider.


L3 Networker


As per M-500 physical appliance specification 

Processor  Intel Xeon 6-core CPU

Memory/Internal Storage  128GB DDR4 RAM/240GB SSD storage

Storage  Up to 24TB storage for logs; default is 4TB


So you can configure Panorama to function in one of several different modes:

A physical Panorama appliance (such as an M-500) can operate in:

Panorama mode – firewall management and log collection

Log Collector mode – dedicated log collector only

Management Only mode – firewall management only without log collection capabilities

•The Panorama virtual appliance can function in one of four different modes:

Panorama mode – firewall management and log collection

Log Collector mode – dedicated log collector only

Management Only mode – firewall management only without log collection capabilities

•Legacy mode

The default mode for both virtual appliances and for M-Series appliances is Panorama mode.

Legacy mode is a transitional option to help customers upgrade from older Panorama versions (such as version 7). The legacy mode does not support any of the logging and reporting enhancements made since Panorama 8.0. Legacy mode is available only when you have an existing Panorama 8.0 virtual appliance running in Legacy mode and you upgrade that device to 8.1. You can change a Panorama virtual appliance from Legacy mode to one of the other options; however, once you make the change you cannot revert the appliance to Legacy mode. On a fresh install of 8.1 and later versions, Legacy mode no longer is available.

You can change Panorama from one mode to another if the following resource requirements are met:

System Mode  Minimum Resource Requirements  Maximum Log Storage Capacity

Panorama  16 CPUs, 32GB RAM  24TB

Log Collector  16 CPUs, 32GB RAM  24TB

Management Only  16 CPUs, 32GB RAM.


And many enterprises have moved to the public cloud to reduce cost and simplify the management efforts of their applications and services. With this move, enterprises can avoid the need to deploy an on-premises M-Series Panorama to manage their VM-Series firewalls in public cloud environments. Now you can deploy the entire Panorama solution on an M-Series appliance, in a public cloud, on a hypervisor such as ESXi, or a combination, depending on your requirements.

A Panorama virtual appliance deployed in a public cloud offering can manage firewalls inside and outside the cloud. Likewise, a Panorama physical appliance can manage physical firewalls as well as virtual firewalls in public and private clouds



Best Regards,




L0 Member

With a VM, you can manage up to 1k devices and up to 20,000 log/sec with:

32 CPUs 128GB memory 8x2TB logging disks

The limit is 24TB of logging space in the Panorama mode VM. You can deploy Log Collector VMs but they are still limited to 24TB.

You can just deploy the VM on-site (it’ll probably be cheaper than AWS) and then allow access to AWS if needed over a VPN tunnel.

You can setup A/P Panorama VMs, but it might be cheaper to use the DR functions of a well-built ESXi environment.

L0 Member

Palo Alto Networks VM-Series firewall is the virtualized form of the Palo Alto Networks next-generation firewall. Learn how to deploy 2 VM-Series firewalls that secure ingress/egress traffic from 2 spoke VPCs using Terraform by doing the hands-on lab VM-Series Advanced Deployment launched by Palo Alto Networks.


L0 Member

Moving from a physical M-500 appliance to a virtual Pan VM is a good option for improved flexibility and scalability. Deploying on VMware would be a more straightforward option, but if AWS is an option, it could provide additional benefits such as better availability and disaster recovery. Careful planning and consideration of factors like licensing and network configurations will be crucial for a successful migration.

L0 Member

Migrating from a physical M-500 appliance to a virtual Pan VM can provide various benefits such as flexibility, scalability, and cost-efficiency. When it comes to deploying the virtual Pan VM.

L0 Member

Considering your existing VMware infrastructure and familiarity, deploying the VM-Series firewall on VMware is a suitable choice. It offers seamless integration, lower complexity, and cost-effectiveness compared to adopting AWS for this purpose.

L0 Member

This is the best coupons store if you want to buy any kind of things with discount and deals also provide best quality material connect with the popular brands online shopping so you can go to the Revounts Store at thehealthpost promo code.

L0 Member

Experiencing similar issue which is solved after visiting here thanks everyone for sharing your posts with solutions and special thanks to paloalto team members.

Can you elaborate on that, I might be able to gain some experience from it so I can handle my side of the situation.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!