New: The Industry’s Most Flexible Software NGFW Consumption Model

Feb 09, 2021
6 minutes
... views

What if there was a licensing approach that would let you procure software firewalls and security services with the speed and flexibility to match rapidly changing cloud requirements? Or how about dynamically resizing your software firewalls in response to changes in your organization? That could minimize the need for forecasting, to say nothing of alleviating the need to purchase and deploy new and bigger firewalls as your environment grows over time.

And why stop there? What if there was a firewall licensing approach that would allow you to deploy the latest security innovations as soon as they are made available – rather than hoping for their inclusion in the security services bundles you’ve already purchased?

What if you could simply scale and pay for the security you actually use?

None of the above is wishful thinking. It’s all possible now with the industry’s most flexible consumption model, which makes our software firewall offerings more adaptable to your organization than ever before.

This new flexible consumption model featuring credit-based licensing lets you consume firewall-as-a-platform components, such as VM-Series virtual firewalls, CN-Series container firewalls, all of our security services, and virtual Panorama for firewall management and log collection. With this approach, you can consume and deploy network security in minutes and maximize ROI in private and public clouds – as well as on-premises and in branch, retail and service provider environments, to name just a few of the opportunities for more agility.

Until now, common practice has required software firewalls to be procured as discrete components, just like the products that run a data center. In the old approach, users are forced to commit to firewalls with fixed sizes based on projected traffic levels. Next, users must purchase rigid bundles of security services – such as an Intrusion Prevention Service (IPS) or anti-malware capabilities – that may or may not include the capabilities needed to satisfy their future requirements. Then they hope for the best.

There is no intrinsic technical reason why software firewalls and related security services must be consumed and procured this way – so we changed it. Take a look at this short explainer video to see how it works:


Three Simple Steps Get You the Firewall Licensing and Security Services You Need

Now procurement and deployment can be based on actual and immediate needs. Customers purchase Software NGFW Credits, which can then be allocated to VM-Series virtual and CN-Series container next-generation firewalls (NGFWs), cloud-delivered Security Services, and VM Panorama for management and log collection. The process just takes three simple steps:

  1. Procure Software NGFW Credits.
  2. Allocate or reallocate credits across different deployments to activate your choice of security products and your choice of security services in just minutes.
  3. Manage and monitor credits via the Palo Alto Networks customer support portal.

As needs change over time, Software NGFW Credits can be reallocated to new and other firewall-as-a-platform solutions without having to go through additional procurement cycles. This flexible purchasing and deployment approach can substantially save time and money, while improving scalability and providing the agility needed to tailor security controls to your current security needs.


Meet Cloud Security Needs in Minutes

The thinking behind the flexible consumption model is that security shouldn’t get in the way of critical activities, such as application development. But when procurement processes can take days, or even weeks, people start thinking about taking shortcuts. And if you’re a security professional, you know how that story usually concludes.

Here’s why it often takes days – or even weeks – to purchase and deploy new software firewalls:

License-based model: Time to deploy = days or weeks; Security requirement leads to purchase order leads to approval leads to procurement leads to license leads to software download leads to security deployed.

Now consider this plot twist in which the initial procurement steps above are required only once, and the flexible deployment model shrinks the new software firewall deployment process to just a few minutes:

Flexible firewall licensing in action: Credit-based model: Time to deploy = minutes; Security requirement leads to self-service portal leads to credit allocation leads to security deployed.

In the interest of living happily ever after, we’d suggest you consider the new flexible consumption approach so you can focus on deploying security at the right time and in the right places.


Say Hello to Flexible Firewall Sizing

These dramatically simplified steps for procurement mean no more hoping for the best and then scrambling to get things right at a later date. So unless you’re Nostradamus, the flexible consumption model is for you – because you, not the vendor, should determine how many cores (vCPUs) and how much memory are allocated to your software firewalls to meet specific scaling and performance requirements that are almost certain to change over time.

With our flexible consumption model, you simply allocate or remove additional cores to scale the software firewall up or down, instead of going through the long process of procuring a new firewall model that fits your latest requirements. A few clicks will appropriately size your firewalls, and Software NGFW Credits will automatically be deducted from – or refunded to – your credit bank.


Avoid Lock-In and Maximize ROI

You can also say farewell to being locked into products and services in an era when you need to be able to turn on a dime. Who wants to pony up for new firewalls every time needs change or leave unused firewalls on the books for months at a time? With the new flexible consumption approach, that changes. You can instead consume any of the Palo Alto Networks cloud-delivered security services on-demand with your Software NGFW Credits and skip committing to a rigid security subscription bundle that could easily be outdated in a few months. You’ll also get immediate access to new security services as soon as they are made generally available.


Track Your Network Security Resource Consumption and Deployment

The new approach is also designed to help organizations get the most out of budgets by providing comprehensive firewall inventory oversight. Now you can leverage a centralized view to see precisely how many software credits have been procured – and where they have been deployed, whether on-prem or in public clouds. With this capability, you can accurately track, audit and adjust firewall use based upon consumption and need.


Get Ready to Get Started

The new flexible consumption model is ready for you to leverage today. Down the road, it will be the only way Palo Alto Networks will license its software firewalls and security services. During this transition period, Palo Alto Networks will support the licensing model you currently use – and let you know when these methods for licensing are no longer available. Customers using pay-as-you-go licensing through cloud service providers will not be affected by this change.

To find out more, read this solution brief, which will guide you through the process, or watch this information-packed webinar, “Software NGFWs: More Flexible Than Ever,” to find out how to get started with more flexibility to meet immediate security needs today.

Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.