- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
We recently announced the upcoming launch of our PAN-OS 10.1 software release, which delivers Complete Zero Trust Network Security and a host of additional innovations across security services and next-generation firewall (NGFW) platforms, including our software firewalls. In this May software firewalls update, we are pleased to share a preview of two key capabilities introduced for our software firewalls with PAN-OS 10.1: Intelligent Traffic Offload (ITO) service for VM-Series firewalls and a new auto scale deployment model for CN-Series firewalls within a Kubernetes cluster. Also this month, we released VM-Series plugin 2.0.7, we launched two new beta opportunities, and we added a few more enhancements for our software firewalls.
In service provider networks and hyperscale data centers, roughly 80% of traffic consists of traffic that cannot or will not benefit from security inspection. Deploying enough large firewalls to secure these enormous networks without sacrificing performance makes security costs prohibitive. The just-announced Intelligent Traffic Offload (ITO) service for VM-Series firewalls eliminates these tradeoffs. The ITO service integrates with smart network interface cards (Smart NICs) to offload traffic to a Smart NIC when that traffic does not benefit from security inspection, which reduces CAPEX by up to 150%. This is available beginning with PAN-OS 10.1. Find out more here.
CN-Series firewalls, the industry’s first next-generation firewall (NGFW) delivered in a container form factor, will be even more tightly integrated with Kubernetes for greater scalability and flexibility. With PAN-OS 10.1, administrators can now deploy firewalls in a cluster deployment mode where the firewall dataplane runs as a Kubernetes service in a dedicated security node. This feature is ideal for large Kubernetes environments where distributed deployment is resource intensive and cost prohibitive. It simplifies the deployment as the firewalls can be deployed on all cluster nodes with a single command, optimizes for the underlying resources, and enables CN-Series firewalls to take advantage of the native auto scale capabilities of Kuberenetes to ensure threat protection in even the most dynamic Kubernetes environments. This is available beginning with PAN-OS 10.1. Find out more here.
Make sure you access this latest plugin, which resolves important issues when using VM-Series firewalls with VMware ESXi and open-source KVM in AWS. Interface management swap support for ESXi and KVM provides more flexibility for deployment, particularly in situations where interfaces need to be pre-mapped to a public IP address and not identified by AWS as a security risk. With this new plugin version, interface management swap support provides a workaround. Find out more in the release notes.
VM-Series virtual firewalls now interoperate with Adva Ensemble Connector Version 19.1.1.33 and PAN-OS 10.0 (and later version) on the Adva FSP 150-XG304u, which is a 10Gbit-per-second hardware-accelerated white box. Find out more here.
See the latest version of our continuously updated hypervisor support matrix. This includes the many new developments about extended—and oft requested for KVM—support for Panorama virtual appliances with Ubuntu 18.04 LTS and CentOS/RHEL 8.0. Find out more here.
Change is a fact of life in network security so why not make the changes quick and nondisruptive? Now there’s a procedure which does just that when you migrate your VM-Series firewall configuration from operations-centric VMware NSX-V to VMware NSX-T. By using the VMware Migration Coordinator tool in NSX-T, you can migrate your current configuration and reuse the policy and dynamic address groups you’ve already configured on your Panorama management server. It’s a superb way to migrate operations-centric deployments where VM-Series traffic redirection policy rules were created in NSX-V Manager rather than on your Panorama server. Find out more here.
We’re looking for customers to participate in ongoing beta trials for two exciting new capabilities:
The Panorama NSX-T Plugin 4.0 Security-Centric Workflow East-West (E-W) Beta
The Panorama Plugin for AWS 3.0 Beta with Orchestration
This feature makes it easy to secure application workloads in AWS because it fully automates network security provisioning in that environment. This plugin, which comes with an enhanced web interface, orchestrates and manages the deployment of scalable VM-Series firewall stacks integrated with an AWS Gateway Load Balancer (GWLB) to secure inbound, outbound, and east-west traffic flows. Get more information on the beta and participation details here.
Read this Forrester Research Spotlight report to see the benefits they discovered when using VM-Series firewalls as part of a broader research study focusing on the Total Economic Impact (TEI) of deploying a full stack of Palo Alto Networks Security products. You can access the full report here.
Did you miss the April update? If you did, you should take a look because we announced several new capabilities: new features, new plugins; and new qualifications. We also announced news about AWS overlay routing, expanded CN-Series environment support, VM-Series firewalls on IBM Cloud qualification details, and the latest Panorama plugin details for NSX and Azure. Plus, find details about an in-depth hybrid cloud research report from the Enterprise Strategy Group (ESG) analyst firm.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Subject | Likes |
---|---|
5 Likes | |
3 Likes | |
2 Likes | |
1 Like | |
1 Like |