Igniting Your Cloud

VMWorld 2012 wrapped up a couple of weeks ago. Thank you to all of you who stopped by our booth to speak to us. We were excited to share our recent validated design for security in a FlexPod environment, and happy to see security and compliance is an important topic for many VMWorld attendees.

One of the most common questions I received at this conference was what our next-generation firewall offers in terms of cloud integration. As you know, one of the key characteristics of cloud computing environments is the ability to automate and orchestrate features. I write about the importance of security automation and orchestration in this week's Security Week article, and how it cannot lag the provisioning of virtual machines because this slows down the cloud ecosystem, and can lead to security risks.

In fact, our next-generation firewall offers a powerful XML management API that enables external cloud orchestration software to configure Palo Alto Networks firewalls. The exhaustive and fully-documented REST-based API allows configuration parameters to be seen, set and modified as needed. If you haven't already leveraged the REST API for your virtualized and cloud computing environments, you should check it out. Our customers are using it today to ensure the orchestration of security features is keeping pace with the orchestration of other components in the cloud ecosystem.

In addition to security zones that can provide appropriate segmentation of resources in the cloud, our firewalls also support multi-tenancy features, important in cloud environments where multiple tenants or groups within an organization take advantage of common pools of resources.  Virtual systems provide full, logical management segmentation between customers. Virtual systems resource control includes the ability to enforce limits on the number of sessions, policies and VPN tunnels. Bandwidth controls via QoS can appropriately prioritize traffic for one customer versus another.

If you're interested in learning more about the features we offer for virtualized data centers and cloud computing environments, attend the Ignite Conference. These are key topics we will be exploring further at the Ignite Conference. We'll be sharing best practices for deploying security in the evolving data center, when a physical or virtualized firewall is appropriate and our customers (your peers) will be sharing real-world deployment scenarios of what they are doing to secure virtualized and cloud environments. One of the most interesting sessions that I'm looking forward to at Ignite is by Jean-Marc Mazzoni, the lead security architect at Wyse. He'll be discussing from a cloud provider context how he's leveraging next-generation firewalls in a Zero Trust architecture to secure his network.