Microsoft Exchange Server Exploit response

CN-Series

Tomorrow's security controls all container traffic

Protect inbound, outbound, and east-west traffic between container trust zones and other workload types in your Kubernetes environment today–without slowing the speed of development.

Read the data sheet

Get unprecedented container traffic control

Get the eBook

Keep cloud native applications nimble and secure with the industry’s first ML-powered, next-generation firewall built specifically for Kubernetes environments. Immediately gain deep layer 7 visibility into container traffic and enforce threat prevention policies to protect allowed traffic across Kubernetes namespace boundaries. Palo Alto Networks CN-Series container firewalls make the most of native Kubernetes orchestration by integrating firewall deployment directly into your DevOps workflow--a single command is all it takes for simultaneous deployment on all nodes in a Kubernetes cluster.

Get the eBook

Make Kubernetes network security constant and consistent

CN-Series container firewalls help network security teams safeguard developers by enabling threat prevention in Kubernetes environments.

See infographic

Gain visibility and control CN-Series provides full layer 7 traffic visibility, including container source IP of outbound traffic--and detects and prevents threats sneaking into allowed traffic traveling between namespace boundaries.

Streamline DevOps security CN-Series firewalls offer frictionless deployment directly intoDevOps workflows. YAML file configuration seamlessly establishes deployment as part of the overall Kubernetes orchestration process.

Boost overall security posture CN-Series firewalls enforce enterprise-level network security and threat protection in container traffic--and elevate the overall security posture by sharing Kubernetes contextual information with other Palo Alto Networks firewalls.

Reduce time and effort CN-Series use Panorama as a single console to manage all network security components and firewalls, whether physical, virtual or container form factors.

Request a personalized demo

Skip the line and get a demo tailored to you. A Palo Alto Networks representative will contact you shortly to schedule a personalized demo.

Request demo

Go deep into container traffic for advanced cloud-native network security

Prevent threats in traffic crossing namespace boundaries CN-Series firewalls mitigate lateral movement attacks by detecting and preventing threats moving between applications in different trust zones and namespaces. This oversight and control includes securing traffic between containers within the same cluster, and between containers and other workload types, such as virtual machines and bare-metal servers.

Discover the flexibility of a tag-based policy model CN-Series firewall policies can be defined by application, user, content, and native Kubernetes namespaces and labels, along with other metadata to deliver flexible policies aligned to business needs. This context can be shared and used by all Palo Alto Network firewalls, including physical and virtual form factors, ensuring a consistent policy model across your entire hybrid cloud environment.

See the entire picture with centralized policy management CN-Series firewall policies are managed from the same interface as all Palo Alto Networks next-generation firewall form factors, providing network security teams with a single console to manage network security for physical, virtual, container, and public cloud workloads. To further reduce the attack surface, CN-Series and Prisma Cloud together provide microsegmentation and advanced security services.

Protect outbound traffic and stop data exfiltration CN-Series’ URL filtering capability is particularly valuable for preventing developers from inadvertently accessing suspect websites, such as code repositories that can harbor potentially devastating malware. The container firewalls block data exfiltration from Kubernetes environments by inspecting traffic content, including encrypted traffic such as DNS traffic.

Thwart inbound threats with advanced inspection and detection CN-Series firewalls defend against malware delivery through custom-built signatures based on content – not hash – to protect against known malware, including variants yet to be seen in the wild. Protections against newly discovered malware are delivered daily by WildFire, keeping the latest threats from breaching your network.

Recommended resources

Protect hybrid clouds

See infographic

Flexible Consumption Solution Brief

Credit-based licensing

Read the solution brief

DevOps Summary: Unit 42 Cloud Threat Report

Read report

Need to Secure Cloud Native Applications? Look at Airport Security

Read blog

Why virtual firewalls in public clouds?

Read the eBook

VM-Series virtual firewall overview

Read solution brief

VM-Series on NSX

Watch video

Where do you need a virtual firewall?

See infographic

VM-Series on NSX

Read solution brief

Secure Branches in the Digital Age

Read white paper

See how the industry’s first NGFW for Kubernetes works

Infographic: CN-Series

ESG White Paper: Revisiting a Software-based Approach to Network Security

Get White Paper

Quick links

Request a personalized demo

Contact sales

Visit the Resource Center

Visit the Corporate blog

Visit the Unit 42 blog

Tomorrow's security controls all container traffic

Recommended resources

Unlock the cloud security kit now

Get everything you need from best practices and guides to secure your cloud environments today.

Popular Links

Unlock the cloud
security kit now