This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
FlexVM Licensing with Software NGFW Credits
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- Network Security
- Next-Generation Firewall Discussions
- Re: FlexVM Licensing with Software NGFW Credits
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-24-2021 04:39 PM - edited 06-25-2021 12:24 AM
Hi all,
As you probably know, paloalto recently changed the licensing of VM firewalls. With greater flexibility (and higher licensing costs), there is now also the possibility to increase only the RAM for such a VM firewall which results in higher capacity for rules, zones, concurrent sessions. Some of the specs which change with a different memory profile are written here: https://docs.paloaltonetworks.com/vm-series/10-0/vm-series-deployment/license-the-vm-series-firewall...
My question@ now are: are these the only specs that change with a different memory profile? What about concurrent dercypted sessions, virtual routers, ...? Does the vm refuse to boot if there is for example 20 GB of RAM attached or does the vm simply use the highes possible amount of RAM according to the memory profile?
1 ACCEPTED SOLUTION
Accepted Solutions
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
07-24-2021 08:18 AM
Hi @istrydom
Thanks for clarifying this with the Paloalto VM team. At least my question is now answered --> when the memory profile is increased also the maximum supported decrypted sessions will increase:
4.5 GB = 1'024 decrypted sessions
5.5 GB = 1'024 decrypted sessions
6.5 GB = 6'400 decrypted sessions
9 GB = 15'000 decrypted sessions
16 GB = 50'000 decrypted sessions
56 GB = 100'000 decrypted sessions
These sessions increase only by adding more RAM and it does not matter how many vCPUs you have licensed and added.
The virtual routers are tied to the vCPU count, so here you don't get more vrouters with more RAM.
9 REPLIES 9
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-25-2021 01:28 AM
Comparison Tool has spec for VMs
Here is example to compare 6 types of VMs
I can see there is difference in SSL Decryption section, Security Profiles, so on..
Regard,
Emr
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-25-2021 02:15 AM
Hi @emr_1
Thanks for your reply.
I saw that there are new options in the comparison tool, but so far these options actually are only the "old" vm-types (vm-100, vm-300, ...) with new names. My question is if only the RAM is increased. As shown in the link there are some specs which change if RAM is increased but what is about all the other specs which I mentionned (virtual router, concurrent decrypted sessions, ...)
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-25-2021 11:26 AM - edited 06-25-2021 11:47 AM
@istrydom / @sduvoisin / @vogeln
Are you able to answer this prior to anyone in the community? 😉
An answer will probably also help others and not only me ...
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-28-2021 11:58 PM
@vsys_remo It loads the memory profile based on the memory assigned. Ex: if you assign 20G RAM, it will load 16G memory profile (one out of 6 profiles that we support)
Related Content
- NGFW Credits vs licensing for Panorama in Panorama Discussions
- VM300 in VM-Series in the Private Cloud
- azure ha deployment using flex credits license in VM-Series in the Public Cloud
- FlexVM Licensing with Software NGFW Credits in Next-Generation Firewall Discussions
- In case you missed it - The MOST Flexible Software NGFW Consumption Model in Next-Generation Firewall Discussions
Like what you see?
Show your appreciation!
Click Like if a post is helpful to you or if you just want to show your support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks