VM-Series
Palo Alto Networks VM-Series Virtual Next-Generation Firewalls provide all the capabilities of our physical NextGeneration Firewalls in a virtual machine form factor, to protect AliCloud environments
  • Delivery Method: Image
  • Architecture: 64
  • Base Operating System: linux
  • Latest Version: VM Series 10.0.3
  • Monthly Subscription:
  • Renewal Price:
Product Details
  • Product Highlights
    The VM-Series effectively addresses the security challenges of hybrid and multi-cloud environments as well as branch offices by providing deep visibility and precise control, reducing the attack surface and preventing threats, and automating network security at scale. Key features: 1. Network-Wide Visibility and Control Protect Applications and Data 2. Segmentation and Threat Prevention Cut Risk 3. Automated Network Security at Scale Safeguards DevOps
  • Product Description

    Application Security Detects Hard-to-Find Threats

    Challenge

    Port-based security groups implemented by cloud service providers (CSPs) lack application-level visibility into network traffic and have few threat prevention capabilities. As a result, native cloud security groups will not discover threats that exploit open ports (e.g., 80/443) or target vulnerabilities in non-web apps, such as the well-known ones in Apache Struts.

    Solution

    VM-Series firewalls inspect every inbound packet and block suspicious traffic based on application type or user identity, going beyond simple port blocking to protect traffic over open ports. The VM-Series also provides advanced security capabilities, such as intrusion prevention system (IPS) and sandboxing, to defend against both known and unknown vulnerabilities at the edge of a public cloud environment

     

    Outbound Traffic Protection Stops Exfiltration

    Challenge

    If attackers make it past perimeter controls, they still need a way to exfiltrate data from the environment. Often, they take advantage of allowed encrypted traffic flows, such as domain name system (DNS) traffic, to hide data as it leaves the environment.

    Example

    An attacker gains access to your environment by stealing a user’s credentials. After conducting reconnaissance and identifying valuable information, the attacker executes a DNS tunneling technique to exfiltrate it from the compromised application by hiding the data in encrypted DNS traffic.

    Solution

    VM-Series firewalls can decrypt traffic for outbound content inspection. The DNS Security service on the VMSeries ensures that even allowed encrypted traffic flows are inspected and protected

     

    Filtering and Inspection Boost Developer Security

    Challenge

    Native CSP firewalls have limited capabilities to filter and inspect outbound traffic leaving the cloud environment. As a result, if developers download compromised open source code from a public code repository, they may unwittingly allow malware to penetrate the security perimeter. Once inside, threats can move laterally to locate information for exfiltration.

    Solution

    VM-Series firewalls provide URL Filtering to ensure that developers can only access known good repositories that are maintained and secured internally

     

    Comprehensive Control Across Multiple Clouds Makes Security Consistent

    Challenge

    As organizations divide application hosting between multiple public and private clouds, overall security posture becomes more fragmented and difficult to manage. Each part of the environment requires its own policy model and security controls, which increases operational complexity, creates security gaps, and causes delays for cloud migration initiatives.

    Example

    A large enterprise has critical applications hosted on a private cloud and two different public cloud environments. To enforce consistent security policies across all three parts of this hybrid environment, the security team must duplicate policies across three clouds using the native controls in each—a labor-intensive and error-prone task. Managing overall security posture requires the team to develop expertise in each cloud’s controls and management interface.

    Solution

    VM-Series virtual firewalls deployed in multiple public and private cloud environments can all still be managed from the same console. This lets security teams deliver the same best-in-class security capabilities to each environment and extend a uniform policy model across the entire ecosystem to ensure consistency and simplification of overall security posture

  • User Guide
    Click here to read detailed user guide.
  • Image ID corresponding to each region
    Image version:
    Region Image ID
Pricing
  • Region:
  • Purchase Plan:

* The price listed software price only. For final pricing, please navigate to the ECS confirmation page.

ECS Instance Type Software Cost Software Renewals
Support
  • Support Service Scope
    Please contact with the sales team or visit: https://support.paloaltonetworks.com
  • End User License Agreement
  • Refund Policy
    BYOL (Bring Your Own License)
Reviews & Ratings
  • Rating:
No Record
Seller Information
dma@paloaltonetworks.com