With knowledge comes power. Identifying applications within your virtualized environment, regardless of port, gives you unmatched visibility into your KVM-based deployment. Armed with this knowledge, you can make more-informed security policy decisions.
Using the application as the basis for your VM-Series security policy allows you to leverage the deny-all-else premise that a firewall is based on for both gateway and workload-to-workload protection. You can safely enable allowed applications and deny all others.
To further protect your KVM deployment, you can deploy application-specific threat prevention policies that will block both known and unknown malware.
The VM-Series on KVM can be deployed to address a number of different use cases, each of which takes full advantage of our next-generation firewall and advanced threat prevention features.
Firewall – Perimeter Gateway
For enterprises embarking on a build-your-own cloud computing environment, the VM-Series on KVM allows you to apply all of the Palo Alto Networks next-generation firewall and advanced threat prevention features to the traffic traversing your cloud computing perimeter.
KVM and OpenStack are commonly used by service providers to efficiently and cost-effectively scale their cloud computing service offerings for customers. When combined with the virtualized next-generation firewall and automation features in the VM-Series, service providers can build highly profitable cloud computing service offerings.
Security Virtual Network Function
VM-Series on KVM and OpenStack is optimized for a broad range of performance and capacity needs of service providers looking to deploy security virtual network functions. Simplified security automation workflows enable deployment flexibility and agility to provision a broad set of customized on-demand security services for enterprise vCPE use cases.