Reference Architectures

Learn how to leverage Palo Alto Networks® solutions to enable the best security outcomes. Reduce rollout time and avoid common integration efforts with our validated design and deployment guidance. These architectures are designed, tested, and documented to provide faster, predictable deployments.

Architecture Overviews

Learn how Palo Alto Networks solutions solve common security challenges.
Network Security
Zero Trust

Network Security for the Public Cloud

Use VM-Series and CN-Series Firewalls to bring in-line visibility, control, and protection to applications built in public cloud environments. These guides provide multiple design models that cover simple proofs-of-concept to scalable designs for large enterprises.

Public Cloud Security Overview
AWS
Azure
GCP
Containers

Secure Access Service Edge

SASE is the convergence of wide-area networking, or WAN, and network security services. These guides show how SD-WAN, Prisma Access, and Prisma SaaS bring visibility, control, and protection to users that are mobile and in the branch office.

SASE Overview
SASE for Securing Internet
SASE for Securing Private Applications
Securing SaaS

On-Premises Network Security

Describes how to use on-premises Palo Alto Networks next-generation firewalls to provide visibility, control, and protection to users in the branch. In addition, these guides cover using PAN-OS SD-WAN to interconnect branch sites.
On-Premises Network Security for the Branch
IoT Security

Security Operations

Learn how Palo Alto Networks provides solutions for prevention, detection, investigation, and response to help security operations prevent threats and efficiently manage alerts.
Security Operations
Security Operations Automation and Response

Private Data Center

Learn how to use PA-Series Next-Generation Firewalls and VM-Series Virtualized Next-Generation Firewalls to secure applications and data in data centers.
Cisco ACI
NSX-T Data Center
VMware vSphere