See our SolarStorm response
  • Network Security
  • Cloud Security
  • Security Operations
  • More
  • Get support
  • Sign In
  • Get Started
CN-Series

Tomorrow's security controls all container traffic

Protect inbound, outbound, and east-west traffic between container trust zones and other workload types in your Kubernetes environment today–without slowing the speed of development.

Read the data sheet
Get unprecedented container traffic control
Get the eBook
Keep cloud native applications nimble and secure with the industry’s first ML-powered, next-generation firewall built specifically for Kubernetes environments. Immediately gain deep layer 7 visibility into container traffic and enforce threat prevention policies to protect allowed traffic across Kubernetes namespace boundaries. Palo Alto Networks CN-Series container firewalls make the most of native Kubernetes orchestration by integrating firewall deployment directly into your DevOps workflow--a single command is all it takes for simultaneous deployment on all nodes in a Kubernetes cluster.
Get the eBook
Make Kubernetes network security constant and consistent
CN-Series container firewalls help network security teams safeguard developers by enabling threat prevention in Kubernetes environments.

See infographic
Gain visibility and control CN-Series provides full layer 7 traffic visibility, including container source IP of outbound traffic--and detects and prevents threats sneaking into allowed traffic traveling between namespace boundaries.
Streamline DevOps security CN-Series firewalls offer frictionless deployment directly intoDevOps workflows. YAML file configuration seamlessly establishes deployment as part of the overall Kubernetes orchestration process.
Boost overall security posture CN-Series firewalls enforce enterprise-level network security and threat protection in container traffic--and elevate the overall security posture by sharing Kubernetes contextual information with other Palo Alto Networks firewalls.
Reduce time and effort CN-Series use Panorama as a single console to manage all network security components and firewalls, whether physical, virtual or container form factors.
Request a personalized demo

Skip the line and get a demo tailored to you. A Palo Alto Networks representative will contact you shortly to schedule a personalized demo.
Request demo
Go deep into container traffic for advanced cloud-native network security
Prevent threats in traffic crossing namespace boundaries CN-Series firewalls mitigate lateral movement attacks by detecting and preventing threats moving between applications in different trust zones and namespaces. This oversight and control includes securing traffic between containers within the same cluster, and between containers and other workload types, such as virtual machines and bare-metal servers.
Discover the flexibility of a tag-based policy model CN-Series firewall policies can be defined by application, user, content, and native Kubernetes namespaces and labels, along with other metadata to deliver flexible policies aligned to business needs. This context can be shared and used by all Palo Alto Network firewalls, including physical and virtual form factors, ensuring a consistent policy model across your entire hybrid cloud environment.
See the entire picture with centralized policy management CN-Series firewall policies are managed from the same interface as all Palo Alto Networks next-generation firewall form factors, providing network security teams with a single console to manage network security for physical, virtual, container, and public cloud workloads. To further reduce the attack surface, CN-Series and Prisma Cloud together provide microsegmentation and advanced security services.
Protect outbound traffic and stop data exfiltration CN-Series’ URL filtering capability is particularly valuable for preventing developers from inadvertently accessing suspect websites, such as code repositories that can harbor potentially devastating malware. The container firewalls block data exfiltration from Kubernetes environments by inspecting traffic content, including encrypted traffic such as DNS traffic.
Thwart inbound threats with advanced inspection and detection CN-Series firewalls defend against malware delivery through custom-built signatures based on content – not hash – to protect against known malware, including variants yet to be seen in the wild. Protections against newly discovered malware are delivered daily by WildFire, keeping the latest threats from breaching your network.

Recommended resources

  • All
  • All
DevOps Summary: Unit 42 Cloud Threat Report
Read report
Need to Secure Cloud Native Applications? Look at Airport Security
Read blog
Why virtual firewalls in public clouds?
Read the eBook
VM-Series virtual firewall overview
Read solution brief
VM-Series on NSX
Watch video
Where do you need a virtual firewall?
See infographic
VM-Series on NSX
Read solution brief
Secure Branches in the Digital Age
Read white paper
See how the industry’s first NGFW for Kubernetes works
Infographic: CN-Series
Quick links
Request a personalized demo
Request a personalized demo
Contact sales
Contact sales
Visit the Resource Center
Visit the Resource Center
Visit the Corporate blog
Visit the Corporate blog
Visit the Unit 42 blog
Visit the Unit 42 blog

Unlock the cloud
security kit now

Get everything you need from best practices and guides to secure your cloud environments today.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.
Subscription Reward

Popular Resources

  • Blog
  • Communities
  • Content Library
  • Cyberpedia
  • Event Center
  • Investors
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Popular Links

  • About Us
  • Careers
  • Contact Us
  • Manage Email Preferences
Report a Vulnerability
  • USA (ENGLISH)
  • AUSTRALIA (ENGLISH)
  • BRAZIL (PORTUGUÉS)
  • CANADA (ENGLISH)
  • CHINA (简体中文)
  • FRANCE (FRANÇAIS)
  • GERMANY (DEUTSCH)
  • INDIA (ENGLISH)
  • ITALY (ITALIANO)
  • JAPAN (日本語)
  • KOREA (한국어)
  • LATIN AMERICA (ESPAÑOL)
  • MEXICO (ESPAÑOL)
  • SINGAPORE (ENGLISH)
  • SPAIN (ESPAÑOL)
  • TAIWAN (繁體中文)
  • UK (ENGLISH)
  • Facebook
  • Linkedin
  • Twitter
  • Youtube
Create an account or login

© 2021 Palo Alto Networks, Inc. All rights reserved.