Overview
VM-Series, when combined with native AWS services, enable you to create "touchless" deployments and allow your developers to operate at the speed of the cloud. VM-Series protects your applications and data using whitelisting and segmentation policies that are dynamically updated based on AWS tags, allowing you to reduce the attack surface area and achieve compliance. Additionally, threat prevention policies can stop both known and unknown attacks.
For BYOL listing, VM-Series license is not included. Please contact your Palo Alto Networks sales representative or channel partner.
Highlights
- An AWS Network Competency and Security Competency approved solution that complements native AWS security with real-time threat and data theft prevention.
- Dynamic and large scale deployments can be protected using AWS Auto Scaling/ELB integration and Transit VPC with AWS Transit Gateway and Gateway Load Balancer
- Amazon GuardDuty and AWS Security Hub integration enables the VM-Series to automatically block potentially malicious activity
Details
Features and programs
Buyer guide
Financing for AWS Marketplace purchases
Pricing
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
See documentation for detailed steps to set admin password before using the web interface of VM-Series. Once the instance is running, connect to it using a SSH client with the private key file used to launch the instance. For example: ssh -i <privatekey.pem> admin@<EIP or private IP of eth0> Then use the PAN-OS CLI commands "configure", "set mgt-config users admin password" and "commit" commands to set the password.
Resources
Support
Vendor support
To help you get started with your deployment such as how-to videos, deployment guides and reference architectures, please visit: https://live.paloaltonetworks.com/aws .For post-sales support, you can use the following options:Call us at 1 (866) 898-9087 Open a case by following the steps here:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
The best firewall
Robust firewall technology. It's reliable, resourceful, and easy to manage.
After years deploying and managing other brands, I found a great product and I'm happy so have it available for AWS.
Integration in AWS is well documented and easy to follow.
No Rating
This is informational, the product allows you to launch on c5.large however that is not enough memory. It will boot to maintenance mode with an error in the system log about not having enough memory. Needs > 4GB, not 4GB.
Horribly Slow!
Earlier versions are super slow to launch (pass basic status checks), and super slow to bootstrap (respond even on ssh port). The latest version fails to launch fast enough to get past the basic status checks (10 minute timeout), and there is no means to alter this timeout for an auto scaling group (not the same timeout has HealthCheckGracePeriod). If you're designing for high availability, this is not the product for you.
Once a mighty company
I've been an advocate for using Palo Alto firewalls for over a decade. They were so far ahead of everyone else. The gap has closed quite signficantly, and they still shine when it comes to being a full layer 7 firewall. The problem is that the company has grown too large and the product has tons of bugs, support is non-existent. They hire people off the streets to support them because they have such a large customer base, and these "off the street" people in turn hire people with even less skill than them. It's a crap shoot when deploying PANS these days, as you run into all kinds of issues, and don't even think about opening a case. You will have to invest tons of times to over explain the issue, be fed with useless documents (you can find those yourself), and escalate multiple times, and then if you're lucky, you may find someone that can find a bug , which will almost never get fixed.
Launch at an older version
How can we launch the instance at an older version? like 10.1.4? when we launch an instance, it doesn't ask for the software version and launches by default to the latest version