Palo Alto Networks VM-Series NGFW Now Available on IBM Cloud VPC

3 min read

Palo Alto Networks and IBM are excited to announce the availability of VM-Series Next Generation Firewalls (NGFW) on IBM Cloud VPC infrastructure.

Palo Alto is now available in the IBM Cloud Catalog under the Software category through IBM Cloud Schematics, IBM’s high-level scripting language, to quickly create VNF (Virtual Network Function) resources in your IBM Cloud environment. This new tile includes the PAN-OS 9.1.3 with scale up to the VM-500 variant. The configuration is Stand-Alone image with High Availability options in plan:


What is the VM-Series Virtual Next-Generation Firewall?

IBM Cloud is an important deployment platform for your business-critical applications. Protecting the increased public cloud footprint from threats, data loss, and business disruption remains challenging. The VM-Series Virtual Next-Generation Firewall (NGFW) on IBM Cloud solves these challenges, enabling you to do the following:

  • Protect your workloads through unmatched application visibility and precise control.
  • Prevent threats from moving laterally between workloads and stop data exfiltration.
  • Eliminate security-induced application development bottlenecks with automation and centralized management.

Palo Alto Networks VM-Series Virtual NGFWs protect your IBM Cloud workloads with next-generation security features that allow you to confidently and quickly migrate your business-critical applications to the cloud. Embed the VM-Series in your automated infrastructure provisioning workflows to prevent data loss and business disruption in even the most dynamic environments.

The VM-Series allows you to embrace a prevention-based approach to protecting your applications and data on IBM Cloud. Automation and centralized management features enable you to embed next-generation security in your DevOps and provisioning workflows, enabling security to keep pace with development. Among the many benefits offered by VM-Series on IBM Cloud include the following:

  • Complete visibility for improved security decisions
  • Segmentation and application allow listing for data security and compliance
  • User-based policies for an improved security posture
  • Protect applications and data from known and unknown threats
  • Multiple defenses block data exfiltration and unauthorized file transfers
  • Centralized management for policy consistency through Panorama
  • Automation to support App Dev workflows like bootstrapping and a fully documented API, dynamic address groups and more
  • Automating deployments with Terraform and Ansible

The VM-Series can be deployed on IBM Cloud to address several different use cases

  • Internet gateway: Protect production workloads — As your IBM Cloud deployment expands to include public-facing workloads, you can use the VM-Series as an internet gateway to protect web-facing applications from known and unknown threats. Additionally, you can enable direct access to web-based developer resources, tools and software updates, thereby minimizing the traffic that flows back to corporate and out to the web.
  • Hybrid cloud: Securely enable app dev and test — Securely migrate application development and testing to IBM Cloud through a hybrid deployment that integrates your existing development environment with IBM Cloud via a secure connection. This allows your development and testing teams to get started while maintaining a strong security posture.
  • Segmentation gateway: Separation for security and compliance — High-profile breaches have shown that cybercriminals are adept at hiding in plain sight, bypassing perimeter controls and moving at will across networks — physical or virtualized. An IBM Cloud VPC provides an isolation and security boundary for your workloads. The VM-Series can augment that separation through application-level segmentation policies to control traffic between VPCs and across subnets. With application-level policies, you have greater control over application traffic moving laterally, and you can apply threat prevention policies to block their movement.

Get started

The VM-Series on IBM Cloud supports bring-your-own-license (BYOL) as a licensing model. You can purchase your VM-Series license through normal Palo Alto Networks channels and then deploy the VM-Series using the license authorization code you received.

Get started today by accessing the VM-Series on IBM Cloud through the IBM Cloud Catalog.

Be the first to hear about news, product updates, and innovation from IBM Cloud