Sold by: Palo Alto Networks
Deployed on AWS
Free Trial
Protect AWS workloads, VDIs, and user traffic with AI/ML-powered virtual firewall from Palo Alto Networks. This listing includes VM-Series virtual firewall, Palo Alto Networks flagship - Advanced Threat Prevention security service and 24x7 premium technical support.
This listing now supports deployment of reference architectures using AWS CloudFormation templates. Set up in less than 10 steps with options for high availability or single firewall. Firewalls launch with preconfigured policies and support deployment across Availability Zones.
4.3
Overview
VM-Series, when combined with native AWS services, enable you to create "touchless" deployments and allow your developers to operate at the speed of the cloud. VM-Series protects your applications and data using whitelisting and segmentation policies that are dynamically updated based on AWS tags, allowing you to reduce the attack surface area and achieve compliance. Additionally, threat prevention policies can stop both known and unknown attacks.
This listing now supports deployment of reference architectures using AWS CloudFormation templates. Set up in just a few steps with options for high availability or single firewall. Firewalls launch with preconfigured policies and support deployment across Availability Zones.
Highlights
- Best-in-class public cloud network security solution powered by AI/ML and latest threat research protects your workloads against day zero and known threats with application layer 7 visibility.
- Support deployment of reference architectures using AWS CloudFormation templates in just a few steps for easy deployment
- Integrations with Gateway Load Balancer, AWS Auto Scaling, and Transit VPC to protect traffic across many types of dynamic and large scale deployments.
Details
Sold by
Categories
Delivery method
Delivery option
CFT Template
Latest version
Operating system
CentOs 12.1.5
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 15 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c4.8xlarge | $4.32 |
c5.xlarge | $1.71 |
c5n.18xlarge | $4.32 |
c4.4xlarge | $4.32 |
c5.4xlarge | $4.32 |
c4.2xlarge | $2.43 |
c5.2xlarge | $2.43 |
m5.large | $1.35 |
c5n.xlarge | $1.71 |
m5n.large | $1.35 |
Vendor refund policy
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
CFT Template
VM-Series, when combined with native AWS services, enable you to create "touchless" deployments and allow your developers to operate at the speed of the cloud. VM-Series protects your applications and data using whitelisting and segmentation policies that are dynamically updated based on AWS tags, allowing you to reduce the attack surface area and achieve compliance. Additionally, threat prevention policies can stop both known and unknown attacks.
This listing now supports deployment of reference architectures using AWS CloudFormation templates. Set up in just a few steps with options for high availability or single firewall. Firewalls launch with preconfigured policies and support deployment across Availability Zones.
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Additional details
Usage instructions
The CFT deployment streamlines the deployment and initial configuration of VM-Series firewalls in AWS. It supports east-west deployment (with transit gateway), centralized egress, and distributed inbound deployment of VM-Series firewall. Customer will choose the existing template, select the parameters for the template and that will create all the necessary resources. Step by step details are available here:
Support
Vendor support
To help you get started with your deployment such as how-to videos, deployment guides and reference architectures, please visit: https://live.paloaltonetworks.com/t5/aws/ct-p/AWS For post-sales support, you can use the following options: Call us at 1 (866) 898-9087
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
The VM-Series Next Generation Firewall (NGFW) gives security teams complete visibility and control over all networks using powerful traffic identification, malware prevention, and threat intelligence technologies.
![VM-Series Next-Generation Firewall Bundle 1 [VM-300]](https://d7umqicpi7263.cloudfront.net/img/product/894b830e-29ae-4de9-8cca-ccd00a500824.jpg)
The VM-Series next-generation firewall allows developers and cloud security architects to embed inline threat and data theft prevention into their application development workflows. Native AWS services combined with VM-Series automation features allow you to create "touchless" deployments.
The VM-Series Next Generation Firewall (NGFW) gives security teams complete visibility and control over all networks using powerful traffic identification, malware prevention, and threat intelligence technologies.
Expand your coverage against command and control, web-based, file-based, DNS protocol, and other threats with industries most advanced cloud delivered security services that protect your AWS workloads, VDIs and user traffic with AI/ML-powered VM-Series virtual firewalls from Palo Alto Networks. This listing includes 24x7 Premium Support.
Protect AWS workloads, VDIs, and user traffic with AI/ML-powered virtual firewall from Palo Alto Networks. This listing includes VM-Series virtual firewall, Palo Alto Networks flagship - Advanced Threat Prevention security service and 24x7 premium technical support
Customer reviews
MuhammadNadeem
Has supported urgent deployments and enabled inline threat protection but pricing and features could be more flexible
Reviewed on Nov 06, 2025
Review provided by PeerSpot
What is our primary use case?
I am not working on a NAC solution. I am working on Palo Alto Networks VM-Series firewall, and I am mainly working with firewalls.
I am totally working with Palo Alto Networks VM-Series products. I am working with VMs, including 400 series, 1400 series, and 3400 series firewalls, which are next-generation firewalls and fourth-generation firewalls of Palo Alto Networks VM-Series.
I am also working with VMs for Palo Alto Networks VM-Series, and for POCs sometimes. Mostly, I provide solutions for some of our customers who need urgent solutions with Palo Alto Networks VM-Series. I provide them VMs and activate the licenses from Palo Alto as a partner. We are working as innovator partners with Palo Alto. Sometimes for POCs and for urgent solutions, if the customer or some organization needs it, we provide them Palo Alto Networks VM-Series and it works fine.
We are working with Dynamic Address Groups in Palo Alto Networks VM-Series. Mostly, we use them for securing our network and for blocking malicious traffic from specific sources around the globe. We block them through Dynamic Address Groups as a source and create another policy for that. We block any dynamic addresses coming with malicious traffic using specific policies. We use Dynamic Address Groups and after tagging those malicious IPs, when they come to our firewall from outside or from inside, including some of our local computers, if we detect something concerning such as bots or similar traffic, we block them using Dynamic Address Groups.
Advanced Threat Protection is working in Palo Alto Networks VM-Series. In Advanced Threat Protection, we use inline protection features, including anti-malware solutions and vulnerability protection. We mostly use Advanced Threat Protection because Palo Alto provides the core subscription and core security bundle, which is cheaper than the other bundle. We propose the same bundle to customers because it is cheaper and includes DNS security, SD-WAN, vulnerability protection, URL filtering, anti-spyware, and antivirus subscriptions bundled in the same core bundle. If I buy only threat protection separately, it is more expensive than this bundle. We create security profiles for spyware and antivirus and provide inline protection to customers.
What is most valuable?
App-IDs in Palo Alto Networks VM-Series are very important and working fine. We mostly use App-IDs due to which we are securing customers who are vulnerable and who need security solutions.
There are Dynamic Address Groups, EDLs, and integration with other solutions such as Forescout for Palo Alto Networks VM-Series, which we did two years ago. There are API integrations as well. We mostly automate the security structure for the organization using SIEM solutions, integration with SIEM solutions, and XDR solutions. This is very interesting.
What needs improvement?
I am not using Palo Alto Networks VM-Series mostly, but based on my experience, there are some deficiencies in Palo Alto Networks VM-Series. Having those features missing, we are not proposing Palo Alto Networks VM-Series to all customers. However, for urgency and for some solutions that customers need for some of their other sites and subdivisions, we are providing the same.
For how long have I used the solution?
I have been working with Palo Alto Networks VM-Series since 2020, which is approximately six to seven years back.
What do I think about the stability of the solution?
Palo Alto Networks VM-Series is very stable.
What do I think about the scalability of the solution?
Scalability for Palo Alto Networks VM-Series is eight out of ten.
How are customer service and support?
Technical support for Palo Alto Networks VM-Series is provided through premium partner support. We are working with StarLink, and they are providing the best solution and best support. We have advanced partnership and advanced support for some of our customers. They are good with technical solutions.
Which solution did I use previously and why did I switch?
Palo Alto Networks VM-Series is better than Fortinet, mainly in its SP3 structure, flexibility, and reliability, and based on feedback from customers. Most of our customers have shifted from Fortinet to Palo Alto Networks VM-Series. Their feedback indicated concerns about slowness, subscription renewals, and other aspects they were not happy with.
Which other solutions did I evaluate?
Fortinet is the main competitor for Palo Alto Networks VM-Series on the market.
What other advice do I have?
Prices of Palo Alto Networks VM-Series are higher than other firewalls and other solutions. However, we are using its security features and proposing them, mostly winning tenders with this product. Palo Alto Networks VM-Series is a very best solution if you have subscription and extra support, and I would rate this solution seven to eight out of ten. I would give this review an overall rating of eight.
Sanket Bhostekar
Experience with integrated visibility and ongoing support fulfills requirements effectively
Reviewed on Jul 31, 2025
Review provided by PeerSpot
What is our primary use case?
We have a Firewall as well as a Synapse solution, and we have EDR, XDR as well. The Palo Alto Networks VM-Series Firewall is what we are using.
What is most valuable?
From a Synapse perspective, they have better visibility, better CV detection, better exposure detection, and it is in a single tool, so we are happy with it.
The integration of Palo Alto Networks VM-Series within my existing network infrastructure and security tools is good; they are resilient, and we can integrate with anything easily.
What needs improvement?
There is one thing regarding Palo Alto Networks VM-Series that they need to look into, which is ISPM, Identity Security Posture Management, and other than that, I could see there are multiple things which they have already been doing well.
Technical support is good for Palo Alto Networks VM-Series, but sometimes for new feature requests, we are facing challenges. We are the conglomerate, so individual business has different requirements, which we are expecting some new requests for. Whenever any custom requirement exists in an existing tool, they are taking much time with the engineering team, which is the only thing I'm expecting them to improve. Other than that, this product is very good.
I think overall security is something they need to make into a single pane of glass to help the customer who is using only the single Palo Alto Networks vendor, so they will get end-to-end visibility in a single console.
For how long have I used the solution?
I have been using them for around three years.
What do I think about the scalability of the solution?
My experience with the scalability of Palo Alto Networks VM-Series is good; whenever we are facing any issues, they are helping, and it is a scalable environment.
How are customer service and support?
Technical support is good for Palo Alto Networks VM-Series, but sometimes for new feature requests, we are facing challenges.
What other advice do I have?
We are generally satisfied with Palo Alto Networks VM-Series.
I would rate Palo Alto Networks VM-Series technical support an eight out of ten.
I would recommend Palo Alto Networks VM-Series to others.
I am a customer of Palo Alto Networks.
Actually, we are trying to migrate to Cortex Cloud; currently, we are using Prisma, so we are in the phase to migrate to Cortex Cloud, but have not yet migrated, so I am not experienced with it and cannot give feedback about it.
We haven't used Prisma Access Browser.
Overall rating: 10/10
Oyvind Mattland
Enhance security with robust DNS and threat prevention features
Reviewed on Apr 30, 2025
Review provided by PeerSpot
What is our primary use case?
The use case varies. I use it as a gateway, and others use it for microsegmentation in the cloud. Additionally, some deploy it on-premises to protect specific environments. Most of the use cases are in cloud environments.
What is most valuable?
The most valuable features are the DNS security and threat prevention capabilities. The DNS security significantly enhances security through visibility and detection, allowing control over crucial traffic like DNS, which is often exploited by ransomware. Additionally, threat prevention and URL security are crucial licenses I recommend to customers, raising the security level substantially.
What needs improvement?
There are continuous developments with many new features coming every year. Although I receive feature requests from customers, I don't have any particular areas for improvement in mind right now.
For how long have I used the solution?
I have been working with Palo Alto Networks VM-Series for more than ten years.
What was my experience with deployment of the solution?
Setting up the VM-Series is usually very easy. The firewall can be deployed and set up within half an hour, though it depends on the complexity of the configuration.
What do I think about the stability of the solution?
In terms of stability, I would rate it eight out of ten. Perfection is unlikely as the dynamic nature of traffic and constant changes can result in occasional bugs despite regular updates. Perfection in stability remains challenging for any vendor.
What do I think about the scalability of the solution?
I rate the scalability of Palo Alto Networks VM-Series ten out of ten. It is easy to use with an excellent graphical user interface and extensive documentation, which contributes to its high scalability.
How are customer service and support?
I conduct most of the support myself and rate the overall support a nine out of ten. However, sometimes cases take longer to resolve, and there's always room for improvement, especially in terms of response time from higher support levels.
How was the initial setup?
The initial setup is straightforward and easy. The process involves registering and configuring the software, and with flex mode, it is easy to scale by purchasing additional credits for more CPU and RAM without needing new hardware.
What's my experience with pricing, setup cost, and licensing?
The pricing is more on the expensive side, but it is justified due to its functionality, reliability, and throughput, even with all features enabled. In comparison to FortiGate , Check Point, and Cisco, the performance does not degrade significantly. Although I rate the cost six out of ten, the features justify the higher expense.
What other advice do I have?
Overall, I rate Palo Alto Networks VM-Series an eight out of ten. While no product is perfect, I am satisfied with its performance and value.
Aravind Vellingiri
Enhance cybersecurity for large enterprises using advanced threat management
Reviewed on Apr 25, 2025
Review provided by PeerSpot
What is our primary use case?
Our primary use case involves working with TVS Group of companies in India, a large automobile manufacturer. We take care of their entire cybersecurity system. We implement Palo Alto Networks VM-Series firewalls along with third-party vendors and support them remotely for their day-to-day issues. We use these solutions to enhance cybersecurity and provide protection against various security threats.
What is most valuable?
The VM-Series firewalls are described as useful for security posture, offering next-generation features such as Unified Threat Management, app-centric capabilities, and threat intelligence. The firewalls use sandboxing and behavioral analysis to allow or quarantine new traffic. They help in identifying legitimate domains and instruct admins if approval is needed. This set of features is very helpful in daily tasks.
What needs improvement?
An improvement could be the integration of security intelligence with Palo Alto cloud via APIs. This would allow IOCs, domains, and hash values to be automatically entered, reducing manual entry. Integration with CSIRT across all use levels would make it easier for administrators to stay updated on the blocked entities without manual intervention.
For how long have I used the solution?
I have been working with Palo Alto Networks VM-Series firewalls for about four to five years.
What do I think about the stability of the solution?
Generally, the VM-Series firewalls are stable. I would rate the stability as eight out of ten.
What do I think about the scalability of the solution?
The solution is scalable and can easily handle an increase in the number of users.
How are customer service and support?
I have worked with Palo Alto technical support for over two years. They are responsive and provide high-quality assistance. Previously, I have raised tickets, and they were efficiently handled by the technical team. My experience has been positive overall.
How was the initial setup?
The initial setup of the VM-Series firewalls is quite easy compared to traditional firewalls. It is manageable with fewer administrators required. On a scale of one to ten, I would rate the setup as nine for its ease of implementation.
What about the implementation team?
I am directly involved in the implementation of these firewalls. It typically takes around two to three hours to deploy the firewalls in a single environment.
What other advice do I have?
The solution is user-friendly and easy to manage within an environment. As a VM, it requires no physical space and can be managed with one or two admins. It's also 99.9% secure, according to cloud security standards. Overall, I give Palo Alto Networks VM-Series a rating of nine out of ten.
RonnieYazdani
User-friendly CLI and efficient dashboard streamline operations with robust security features
Reviewed on Apr 17, 2025
Review provided by PeerSpot
What is our primary use case?
We usually recommend Palo Alto Networks VM-Series for BFSI companies.
What is most valuable?
I find Palo Alto Networks VM-Series easy to deploy, and none of my customers have had significant complaints. My customers have high certifications provided by Palo Alto Networks. The friendly dashboard and the ability to easily command and use the CLI make Palo Alto Networks VM-Series a better product. It offers robust solutions, making it valuable to my customers.
What needs improvement?
It may be beneficial if the firewall can monitor all internal elements like VMs pulling from HP servers. Consolidating these insights into a single dashboard would be advantageous.
For how long have I used the solution?
I have been familiar with Palo Alto Networks for four or five years.
What do I think about the stability of the solution?
The performance of VM instances has some limitations in terms of threshold and throughput compared to appliances.
What do I think about the scalability of the solution?
I would rate scalability as eight out of ten.
How are customer service and support?
Palo Alto Networks offers better technical support, maintaining SLA efficiently, and resolving issues promptly.
Which solution did I use previously and why did I switch?
In some cases, I have migrated from Cisco to Palo Alto Networks VM-Series smoothly.
What's my experience with pricing, setup cost, and licensing?
Pricing for Palo Alto Networks is higher than other OEMs, but considering the robustness and features, it gains customer trust. Technical configuration is a focus area due to its high commercial profile.
Which other solutions did I evaluate?
I consider Check Point alongside Palo Alto Networks, as well as Cisco for wireless solutions.
What other advice do I have?
When evaluating, consider the customer’s environment and pain points since both Check Point and Palo Alto Networks have their advantages. Overall, I rate Palo Alto Networks VM-Series eight out of ten.