[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [What Is a Virtual Firewall? How It Works + When to Use One](https://www.paloaltonetworks.com/cyberpedia/what-is-a-virtual-firewall?ts=markdown) Table of contents * [How do virtual firewalls work?](#how-do-virtual-firewalls-work) * [What makes a virtual firewall distinct?](#what-makes-a-virtual-firewall-distinct) * [Why use virtual firewalls?](#why-use-virtual-firewalls) * [Where are virtual firewalls deployed?](#why-use-virtual-firewalls) * [How do virtual firewalls compare to other firewall models?](#how-do-virtual-firewalls-compare-to-other-firewall-models) * [How virtual firewalls uniquely support Zero Trust](#how-virtual-firewalls-uniquely-support-zero-trust) * [What to look for in a virtual firewall](#what-to-look-for-in-a-virtual-firewall) * [Virtual firewall FAQs](#virtual-firewall-faqs) # What Is a Virtual Firewall? How It Works + When to Use One 6 min. read Table of contents * [How do virtual firewalls work?](#how-do-virtual-firewalls-work) * [What makes a virtual firewall distinct?](#what-makes-a-virtual-firewall-distinct) * [Why use virtual firewalls?](#why-use-virtual-firewalls) * [Where are virtual firewalls deployed?](#why-use-virtual-firewalls) * [How do virtual firewalls compare to other firewall models?](#how-do-virtual-firewalls-compare-to-other-firewall-models) * [How virtual firewalls uniquely support Zero Trust](#how-virtual-firewalls-uniquely-support-zero-trust) * [What to look for in a virtual firewall](#what-to-look-for-in-a-virtual-firewall) * [Virtual firewall FAQs](#virtual-firewall-faqs) 1. How do virtual firewalls work? * [1. How do virtual firewalls work?](#how-do-virtual-firewalls-work) * [2. What makes a virtual firewall distinct?](#what-makes-a-virtual-firewall-distinct) * [3. Why use virtual firewalls?](#why-use-virtual-firewalls) * [4. Where are virtual firewalls deployed?](#why-use-virtual-firewalls) * [5. How do virtual firewalls compare to other firewall models?](#how-do-virtual-firewalls-compare-to-other-firewall-models) * [6. How virtual firewalls uniquely support Zero Trust](#how-virtual-firewalls-uniquely-support-zero-trust) * [7. What to look for in a virtual firewall](#what-to-look-for-in-a-virtual-firewall) * [8. Virtual firewall FAQs](#virtual-firewall-faqs) ![What Is a Virtual Firewall](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-a-virtual-firewall-video-thumbnail.jpg) close A virtual firewall is a type of software firewall delivered as a virtual machine or cloud instance. It runs on hypervisors or cloud compute platforms and inspects both north--south and east--west traffic. Because it's software-based, it can scale with workloads and integrate with cloud automation tools for consistent policy across environments. Virtual firewalls apply the same inspection and policy enforcement functions as a next-generation firewall. ## How do virtual firewalls work? A virtual firewall performs the same functions as a hardware [firewall](https://www.paloaltonetworks.com/cyberpedia/what-is-a-firewall). It inspects packets, compares them to policy, and allows or blocks connections. It can track session state, apply application-level rules, decrypt traffic, and log events for monitoring. The difference is in how and where it runs. A virtual firewall is delivered as a virtual machine image or cloud instance. It sits inline on a hypervisor switch or cloud gateway so all traffic between workloads or to and from the internet passes through it. ![Diagram titled 'Virtual firewall.' At the top, a dark gray bar labeled 'Internet' connects downward to a red bar labeled 'Hardware firewalls.' Below that, another red bar labeled 'Virtual firewall (software)' spans across two sections. Inside this section, two orange rectangles labeled 'SWFW process' sit above pairs of gray ovals marked 'App A' and 'App B,' which rest above a gray rectangle labeled 'Operating system.' These layers are contained within two stacked boxes labeled 'Virtual machine,' sitting on a white base labeled 'Hypervisor.' The entire structure is titled 'Virtualization host.' Blue arrows and labels indicate 'North-south traffic' vertically and 'East-west traffic' horizontally.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-a-virtual-firewall/Virtual-Firewall.png "Diagram titled 'Virtual firewall.' At the top, a dark gray bar labeled 'Internet' connects downward to a red bar labeled 'Hardware firewalls.' Below that, another red bar labeled 'Virtual firewall (software)' spans across two sections. Inside this section, two orange rectangles labeled 'SWFW process' sit above pairs of gray ovals marked 'App A' and 'App B,' which rest above a gray rectangle labeled 'Operating system.' These layers are contained within two stacked boxes labeled 'Virtual machine,' sitting on a white base labeled 'Hypervisor.' The entire structure is titled 'Virtualization host.' Blue arrows and labels indicate 'North-south traffic' vertically and 'East-west traffic' horizontally.") This position lets it secure both north--south traffic entering or leaving a virtual environment and east--west traffic flowing between workloads. That coverage goes beyond what many cloud-native controls provide. Virtual firewalls are also elastic. To accommodate traffic demands, they can be scaled up by allocating more vCPUs or scaled out by deploying more instances. Policies remain consistent because management happens centrally, while enforcement occurs at each instance close to the workload. Integration with cloud tags, labels, and APIs is another difference. Policies can adapt dynamically as workloads are created or destroyed, which allows security to keep pace with highly dynamic environments. In short, virtual firewalls work like hardware devices but operate as flexible, scalable instances inside virtualized and cloud networks. ## What makes a virtual firewall distinct? **A virtual firewall is different from a hardware appliance because of its form factor.** It runs as a VM or cloud instance instead of a dedicated device. Which means it can sit closer to workloads inside a virtualized network rather than only at a fixed perimeter. **This proximity changes how policies are applied.** Instead of securing only traffic that crosses into or out of a site, a virtual firewall can segment workloads and applications within the environment itself. That makes it useful for controlling east--west flows that a perimeter device would never see. **Another distinction is elasticity.** A hardware firewall is tied to the performance of its chassis. A virtual firewall can scale up by adding vCPUs or scale out by deploying new instances. Policies stay consistent, but capacity matches demand. For organizations running dynamic workloads, that flexibility is a practical advantage. **Automation also plays a role.** Virtual firewalls integrate with orchestration tools and cloud APIs. Which means policies can be updated automatically as resources change. This reduces manual work and keeps enforcement aligned with the pace of deployment. ***Note:*** *Virtual firewalls differ from cloud-native controls such as security groups or network ACLs. While those tools provide stateful filtering and cloud-native integration, a virtual firewall adds Layer 7 inspection, [threat prevention](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention), SSL/TLS decryption, and advanced policy enforcement capabilities typical of [next-generation firewalls](https://www.paloaltonetworks.com/cyberpedia/what-is-a-next-generation-firewall-ngfw). Which enables consistent, deep security across multi-cloud and hybrid environments.* ## Why use virtual firewalls? ![Architecture diagram titled 'Virtual firewall deployment' showing four main environments. Top left contains a cloud icon labeled 'Public cloud' with a surrounding box labeled 'VPC/VNet' and arrows pointing through a small shield icon representing a virtual firewall placed at the gateway. Top right shows 'Private cloud and virtualized data centers' with stacked server icons connected by lines and a shield icon positioned between segments labeled 'VLANs/VRFs.' Bottom left contains 'Branch offices and SD-WAN hubs' represented by a small building icon linked to a cloud with arrows passing through a shield icon labeled 'uCPE/SD-WAN hub.' Bottom right depicts 'OT and edge environments' with a factory icon connected to a shield icon labeled 'Virtualized platform.' All shield icons are identical and indicate where virtual firewalls are deployed.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-a-virtual-firewall/Virtual-firewall-benefits.png) All firewalls inspect traffic and enforce policies. What sets virtual firewalls apart is how they deliver those same functions inside cloud and virtual environments. Their software form factor allows them to sit close to workloads, scale with demand, and integrate with cloud-native tools. These capabilities translate into distinct benefits that address the challenges of securing dynamic, distributed infrastructure. * **Cloud-wide policy consistency** Virtual firewalls apply the same security rules across public clouds, private clouds, and on-premises environments. Because they integrate with cloud APIs, tags, and labels, policies can follow workloads as they scale or migrate. That's different from cloud-native security groups, which are limited to one platform. * **East--west microsegmentation** A virtual firewall can control traffic inside virtualized networks, not just at the edge. It enforces policies between VMs, subnets, or VPCs, creating boundaries that hardware firewalls cannot reach. This limits [lateral movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement) in cloud and data center environments. * **Inline cloud workload protection** Virtual firewalls sit in the path of internet-facing applications hosted in a VPC or VNet. They block malicious inbound requests before they hit the workload. They also monitor outbound traffic, stopping [exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration) attempts or preventing connections to untrusted code sources. * **Cloud-aware visibility** Logs and reports from virtual firewalls include cloud metadata, such as tags and resource identifiers. This context makes it possible to see not just IPs or ports, but which workload or application is involved. That added visibility is key in dynamic environments where resources are constantly changing. ## Where are virtual firewalls deployed? ![Architecture diagram titled 'Virtual firewall deployment environments' showing a central circle on the left containing the main title. Four lines extend from this circle to icons with labels on the right. The top icon is a building labeled 'Branch offices \& SD-WAN hubs.' The second icon is a cloud labeled 'Public cloud.' The third icon is another cloud labeled 'Private cloud \& virtualized data centers.' The bottom icon is a factory-like structure labeled 'OT \& edge environments.' Each icon is inside a circular outline, with blue used for the outer circles of the first and last icons and gray tones for the two middle ones.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-a-virtual-firewall/Virtual-firewall-deployment-environments.png "Architecture diagram titled 'Virtual firewall deployment environments' showing a central circle on the left containing the main title. Four lines extend from this circle to icons with labels on the right. The top icon is a building labeled 'Branch offices & SD-WAN hubs.' The second icon is a cloud labeled 'Public cloud.' The third icon is another cloud labeled 'Private cloud & virtualized data centers.' The bottom icon is a factory-like structure labeled 'OT & edge environments.' Each icon is inside a circular outline, with blue used for the outer circles of the first and last icons and gray tones for the two middle ones.") Virtual firewalls can be deployed in multiple environments where physical appliances are not practical, including: * Public cloud * Private cloud and virtualized data centers * Branch offices and [SD-WAN](https://www.paloaltonetworks.com/cyberpedia/what-is-sd-wan) hubs * OT and edge environments Their role is to extend firewall controls into cloud, virtualized, and distributed networks so security follows the workloads. ### Public cloud Virtual firewalls are often placed inside public cloud environments. They can be inserted into VPCs or VNets as gateways or as part of a hub-and-spoke design. This lets them inspect north--south traffic entering workloads and east--west traffic between applications. In transit gateway patterns, they can also serve as a central inspection point before traffic moves between regions or to the internet. ***Note:*** *Cloud providers offer native controls such as security groups, but these are limited to basic filtering. A virtual firewall adds full NGFW inspection, including application-layer controls and threat prevention, across workloads and VPCs.* ### Private cloud and virtualized data centers In private clouds, workloads run on hypervisors and virtual networks. A virtual firewall can be deployed between segments or VLANs to enforce security policies. For example, it can separate a finance application from a development environment. It can also create [microsegmentation](https://www.paloaltonetworks.com/cyberpedia/what-is-microsegmentation) zones that restrict traffic even within the same data center. These controls reduce the risk of lateral movement in highly connected environments. ### Branch offices and SD-WAN hubs Branches often lack space for full appliances. In these cases, a virtual firewall can run on universal CPE or existing x86 servers. It provides [segmentation](https://www.paloaltonetworks.com/cyberpedia/what-is-network-segmentation) and threat prevention without requiring dedicated hardware. In SD-WAN architectures, virtual firewalls can be used as hub or spoke devices to secure branch-to-cloud or branch-to-branch traffic. This extends policy enforcement beyond the data center into distributed sites. ***Note:*** *Running a virtual firewall on universal CPE allows network and security functions to be consolidated on the same platform. That can reduce hardware sprawl in branches and make scaling more cost-effective.* ### OT and edge environments Some operational technology and edge deployments also use virtual firewalls. When a virtualized platform is already present, a firewall VM can provide inspection without adding new hardware. This is useful in scenarios where physical space or environmental requirements make appliances impractical. ## How do virtual firewalls compare to other firewall models? The distinction between virtual firewalls and other firewall models comes down to how they are delivered and where they fit. | Virtual firewalls vs. other software firewall models | |------------------------------------------------------| | Parameter | Virtual firewall | Hardware firewall | Container firewall | Managed firewall service | |-------------------------------|-----------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------|--------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------| | **Form factors** | Runs as a VM or cloud instance on a hypervisor | Physical appliance with dedicated CPU, memory, and interfaces | Runs inside container platforms such as Kubernetes | [Software firewall](https://www.paloaltonetworks.com/cyberpedia/what-is-a-software-firewall) instances hosted and operated by a provider | | **Installation \& operation** | Deployed on virtual machines or cloud compute; managed centrally with local enforcement | Installed between network devices; requires physical setup and lifecycle management | Integrated at the orchestration layer; configured through container APIs | Provider deploys and maintains; customer defines policies | | **Deployment options** | Public and private clouds, virtual data centers, branch offices, SD-WAN hubs | Data center or campus edge, industrial sites | Microservices and containerized applications | Provider's infrastructure, delivered as a managed service | | **Complexity** | Requires cloud networking integration and capacity planning | Higher due to physical hardware, refresh cycles, and skilled staff | Narrow scope but complexity tied to dynamic container environments | Lower for the customer; less direct control over operations | Essentially: * A **hardware firewall** is a physical appliance. It anchors the edge of a network and provides predictable performance through dedicated resources. * A **virtual firewall** is delivered as a VM or cloud instance. It runs on shared infrastructure and can be scaled up or down as workloads change. * **Container firewalls** take a different approach. They are designed specifically for [microservices](https://www.paloaltonetworks.com/cyberpedia/what-are-microservices) and integrate with orchestration platforms like [Kubernetes](https://www.paloaltonetworks.com/cyberpedia/what-is-kubernetes). Their scope is narrow, but they adapt quickly to short-lived workloads. * **Managed firewall services** shift responsibility to a provider. The software is hosted and maintained externally, while the customer defines and applies policies. This reduces operational burden but also means less direct control. Each firewall model addresses a different need. Together, they provide complementary options that can be combined as part of a broader network security strategy. | ***Further reading:*** * [*What Is a Hardware Firewall? Definition \& Explanation*](https://www.paloaltonetworks.com/cyberpedia/what-is-a-hardware-firewall) * [*Hardware Firewalls vs. Software Firewalls*](https://www.paloaltonetworks.com/cyberpedia/hardware-firewall-vs-software-firewall) * [*What Is a Container Firewall? How It Works + When to Use One*](https://www.paloaltonetworks.com/cyberpedia/what-is-a-container-firewall) ## How virtual firewalls uniquely support Zero Trust Virtual firewalls bring Zero Trust principles into cloud and virtual environments by enforcing policy where workloads actually run. Unlike perimeter devices, they can be deployed inline on hypervisors, VPCs, or VNets. This placement allows enforcement points to exist throughout the environment, not just at the edge. One way this supports Zero Trust is through distributed control. Each virtual firewall instance checks traffic between workloads or tiers. That makes it possible to verify every request and restrict access to the minimum required, which aligns directly with [least privilege access](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access). Microsegmentation is another fit. Virtual firewalls can create boundaries between VMs, subnets, or virtual private clouds. These divisions help ensure that a compromise in one part of the environment does not automatically spread to another. ![Architecture diagram titled 'Virtual firewalls as Zero Trust enforcement points' showing how virtual firewalls operate within a private cloud environment connected to the internet. On the left, a column lists four security features with corresponding icons: 'Microsegmentation' with text 'Each tier is isolated with granular security policies preventing lateral movement,' 'Least privilege access' with text 'Only explicitly allowed traffic flows between segments, all other traffic denied by default,' 'Zero Trust architecture' with text 'Every connection is authenticated and authorized regardless of network location,' and 'Policy enforcement' with text 'Virtual firewall inspects and controls all traffic at the application layer.' The main diagram on the right depicts two labeled sections, 'Private cloud' and 'Internet,' connected by icons representing network traffic flow. Within the private cloud, two boxes labeled 'Virtualization host' each contain stacked elements representing virtual machines labeled 'VM,' grouped under VLAN or segment labels such as 'VLAN1' and 'Segment1.' Above each host is an orange bar labeled 'Virtual FW.' Both virtual firewalls are connected to an upper orange box labeled 'Perimeter firewalls,' which links to an icon of the internet. A blue line connects both virtual firewalls to a blue box labeled 'Centralized management.' Arrows show traffic flows between components, illustrating policy enforcement and segmentation between virtual environments.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-a-virtual-firewall/Virtual-firewalls-as-Zero-Trust-enforcement-points.png) They also support dynamic policy. Rules can be tied to cloud attributes such as tags or resource identifiers rather than static IP addresses. As resources scale up or down, policies follow automatically. This keeps enforcement continuous even in highly elastic environments. In short, virtual firewalls make Zero Trust practical in places where traditional appliances cannot reach. They distribute enforcement close to workloads, provide segmentation across virtual networks, and apply policies that adapt as environments change. | ***Further reading:*** * [*What is Zero Trust Architecture (ZTA)?*](https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture) * [*What Is Zero Trust for the Cloud?*](https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-for-the-cloud) ## What to look for in a virtual firewall ![Chart titled 'What to look for in a virtual firewall' with five callout boxes arranged vertically. The first box is labeled 'Application-aware protections' with supporting text 'Layer 7 inspection, intrusion prevention, SSL/TLS decryption, URL filtering, and DNS security' and an orange circular icon showing a document with a shield. The second box is labeled 'Integration with cloud automation' with supporting text 'Support for tags, labels, APIs, and platforms like Terraform or Ansible' and an orange circular icon showing a cloud. The third box is labeled 'Centralized management and visibility' with supporting text 'Single console across clouds and on-premises, with integrated logging and telemetry' and no icon displayed. The fourth box is labeled 'High availability and scale' with supporting text 'Cloud-native load balancing, autoscaling, and failover support' and an orange circular icon with four arrows pointing outward. The fifth box is labeled 'Clear performance guidance' with supporting text 'Vendor sizing recommendations based on vCPUs, memory, and throughput' and an orange circular icon showing a document with a chart. Each box has a light gray outline and is connected by a vertical dotted line.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-a-virtual-firewall/What-to-look-for-in-a-virtual-firewall.png) Choosing a virtual firewall means looking beyond the basic form factor. Since the core inspection functions are the same across models, the difference comes down to which features make the firewall effective in dynamic cloud and virtual environments. Here are the qualities to prioritize: ### Application-aware protections A virtual firewall should provide the same advanced protections as a next-generation appliance. As mentioned, that includes Layer 7 inspection, [intrusion prevention](https://www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-prevention-system-ips), SSL/TLS decryption, [URL filtering](https://www.paloaltonetworks.com/cyberpedia/what-is-url-filtering), and DNS security. These capabilities ensure threats are blocked even when they hide in application traffic. ### Integration with cloud automation Look for integration with cloud tags, labels, and orchestration tools. Virtual firewalls that support APIs and automation platforms like Terraform or Ansible can adapt policies as workloads change. This reduces manual effort and keeps security aligned with dynamic environments. ### Centralized management and visibility Management should extend across multiple clouds and on-premises environments. A central console allows policies to be defined once and enforced everywhere. Logging and telemetry should also integrate with monitoring systems to give teams full visibility into applications, users, and traffic flows. ### High availability and scale Virtual firewalls should support cloud-native availability patterns. That includes integration with load balancers, autoscaling groups, and failover mechanisms. These features help ensure continuous enforcement even when demand spikes or an instance fails. ### Clear performance guidance Performance depends on the underlying instance type. Vendors should provide sizing guidance so security teams can match vCPUs, memory, and throughput to their traffic mix. This avoids under-provisioning or unnecessary overspending. ![Icon of report](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/sase-architecture/icon-report.svg) ## WHITE PAPER: HACKERS ARE COMING FOR YOUR CLOUD-BASED APPLICATIONS Explore how software firewalls address cloud-native threats, compliance demands, and Zero Trust requirements. [Download white paper](https://www.paloaltonetworks.com/resources/whitepapers/hackers-are-coming-for-your-cloud-based-applications) ## Virtual firewall FAQs ### What is a virtual firewall also called? A virtual firewall is also known as a cloud firewall or virtualized next-generation firewall (NGFW). ### How does a virtual firewall work? While both virtual and physical firewalls control network access between trusted and untrusted zones, virtual firewalls, unlike their physical counterparts, exist as software solutions. This makes them particularly suited for providing security in virtualized environments, as opposed to physical firewalls, which are tangible devices typically situated within on-site data centers. ### What are the features of a virtual firewall? Features include Layer 7 capabilities, threat prevention, URL filtering, malware prevention, DNS security, IoT security, mobile traffic inspection, consolidated security management, and application identification and control. ### What is the best way to set up a virtual firewall? The best way to set up a virtual firewall is to optimize it for the specific network needs, configure rules for traffic inspection and control, and ensure it's integrated with the existing security infrastructure for maximum effectiveness. ### How do I deploy a virtual firewall? To deploy a virtual firewall, install it on a virtual machine, server, or through a cloud service provider (CSP). Configure security policies and rules, and integrate them with the network architecture and cloud services. ### Can a virtual firewall protect physical networks? Yes, a virtual firewall can protect physical networks. It manages and monitors the traffic that passes through the virtualized segments of those networks. Related content [White paper: Your Hybrid Infrastructure is Under Attack Discover best practices for securing distributed, interconnected hybrid cloud environments.](https://www.paloaltonetworks.com/resources/whitepapers/your-hybrid-infrastructure-is-under-attack?ts=markdown) [Podcast: Threat Vector | Rethinking Cloud Security Strategies Hear how cloud security is being reshaped by platformization, AI, and a prevention-first approach.](https://www.paloaltonetworks.com/resources/podcasts/threat-vector-rethinking-cloud-security-strategies?ts=markdown) [Report: Unit 42 Global Incident Response Report 2025 Get current data on breaches in cloud and hybrid environments.](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report) [Checklist: 42 Tips to Build a Resilient Cybersecurity Program Find out everything you need to know to stop adversaries from targeting cloud environments.](https://start.paloaltonetworks.com/incident-response-42-tips-checklist-unit42) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20a%20Virtual%20Firewall%3F%20How%20It%20Works%20%2B%20When%20to%20Use%20One&body=A%20virtual%20firewall%20is%20a%20type%20of%20software%20firewall%20delivered%20as%20a%20virtual%20machine%20or%20cloud%20instance.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-a-virtual-firewall) Back to Top {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language