To help customers address the diverse cloud and virtualization use cases and the growing need for greater performance, the VM-Series has been optimized and expanded to deliver industry-leading performance of up to 16Gbps of App-ID enabled firewall throughput across five models. Customers can protect their cloud and virtualization initiatives with a security feature set that mirrors those protecting their physical networks and delivers a consistent security posture from the network to the cloud.
This guide provides a foundation for securing network infrastructure using Palo Alto Networks® VMSeries virtualized next generation firewalls within the Amazon Web Services (AWS) public cloud. For an organization with a desire to move to public cloud infrastructure, the next question is often “How do I secure my applications in a public cloud?” This guide provides an overview of AWS components and how they can be used to build a scalable and secure public cloud infrastructure on AWS using the VM-Series. The architectures begin with a single virtual private cloud suitable for organizations getting started and scales to thousands to meet any size organization’s operational requirements.
Next-generation implies that new methods of processing and securing network traffic are being used to provide visibility and control over traffic, applications, and threats. Enterprise security deals with threat protection for large and complex organizations; while cybersecurity scales the vast landscape of the Internet riddled with vulnerabilities and viruses.
Organizations are rapidly migrating their enterprise applications and data onto Amazon ® Web Services. Just as they would in the data center, applications deployed on AWS ® often require outbound connectivity to applications housed in other virtual private clouds, as well as to resources located on the corporate network or the web. As the numbers of AWS accounts and VPCs grow, managing the many individual connections becomes complex and difficult, often slowing deployments. Another challenge lies in making sure the process of protecting applications and data does not become a bottleneck for new applica - tion deployments.