VM-Series: Next-Generation Security for Private and Public Clouds

The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware®, Amazon® Web Services, Microsoft®, Citrix® and KVM.

The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.

In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.

Next-Generation Security for Your Virtualized Data Center

The VM-Series combines next-generation firewall security and advanced threat prevention to protect your virtualized environments from advanced cyberthreats. The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity.

These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports. 

Securing the Private Cloud

Defined as an environment in which you are responsible for the management of all aspects of the virtualization, hardware, compute, networking and security, a private cloud is often considered to be synonymous with your data center, and in fact, many data centers are 100 percent virtualized using VMware, Microsoft Hyper-V®, KVM or other private cloud technologies.

The VM-Series allows you to protect your private cloud infrastructure using application enablement policies while simultaneously preventing known and unknown threats. The VM-Series supports the following private cloud environments: VMware ESXi™ and NSX®, Citrix NetScaler® SDX™, Microsoft Hyper-V and KVM/OpenStack®.

 


Securing the Public Cloud

Defined as a ready-made compute, networking and storage environment, public cloud offerings, such as AWS®, Microsoft Azure or Google® Cloud, bring ubiquitous access to users, rapid scalability to address workload “bursts,” and infrastructure consistency. In a public cloud, ensuring your applications and data are kept safe from attackers is your responsibility, and that is where the VM-Series can help.

The VM-Series protects your public cloud deployment using application enablement policies while simultaneously preventing known and unknown threats. The VM-Series supports the following public cloud environments: Amazon Web Services (AWS), Microsoft Azure and VMware vCloud® Air™.

Protecting Mission-Critical Applications and Data Using Zero Trust Principles

Security best practices dictate that your mission-critical applications and data should be isolated in secure segments using Zero Trust (“never trust, always verify”) principles as a means of controlling access.

Our zone-based policy architecture enables you to use the VM-Series to build access control policies based on the application and the user, effectively segmenting the applications and protecting east-west traffic between virtual machines. 

 


 

Blocking Lateral Movement of Cyberthreats

Today’s cyberthreats commonly compromise an individual workstation, or user, and then move across the network, looking for a target. Within your virtual network, cyberthreats move laterally from VM to VM in an east-west manner, placing your mission-critical applications and data at risk.

Exerting application-level control using Zero Trust principles in between VMs will reduce the threat footprint while applying policies to block both known and unknown threats.

 


 

Security That Keeps Pace With Your Business

To automate firewall deployments and policy updates, you can use a combination of bootstrapping, an XML API and native management features to deploy fully configured firewalls in minutes and dynamically drive security policy updates based on workload changes.

Panorama™ network security management enables you to centrally manage your VM-Series deployments, along with your physical security appliances, thereby ensuring policy consistency and cohesion. Rich, centralized logging and reporting capabilities provide visibility into virtualized applications, users and content. 

 


 

The VM-Series

The VM-Series is comprised of five models that deliver App-ID™ technology enabled throughput that ranges from 200 Mbps for the VM-50 to 16 Gbps for the VM-700. To learn more about performance and capacities of the VM-Series, please visit the firewall comparison tool