reference deployment

Palo Alto Networks VM-Series on AWS

Virtual firewall designed for AWS workloads

View deployment guide for details

This Partner Solution uses a Terraform module to deploy Palo Alto Networks VM-Series on the Amazon Web Services (AWS) Cloud. It is for security teams that want a virtual edition of Palo Alto's Next-Generation Firewall (NGFW) to secure workloads on AWS. VM-Series protects your applications and data using an allow list and segmentation policies that are dynamically updated based on AWS tags. For more information, refer to paloaltonetworks.com.

 

Palo Alto logo

This Partner Solution was developed by Palo Alto in collaboration with AWS. Palo Alto is an AWS Partner.

  •  What you'll build

  • This Partner Solution sets up the following:

    • A highly available architecture that spans two Availability Zones.*
    • A virtual private cloud (VPC) configured with public and private subnets, according to AWS best practices, to provide you with your own virtual network on AWS.*
    • An internet gateway that connects the VPC to the internet.*
    • VM-Series deployed to two Amazon Elastic Compute Cloud (Amazon EC2) instances, one per Availability Zone.
    • In the public subnets, elastic network interfaces attached to VM-Series. The network interfaces serve as the data plane network, managing traffic to and from the firewall. 
    • In the private subnets, network interfaces attached to VM-Series.

    *  The template that deploys the Terraform module into an existing VPC skips the components marked by asterisks and prompts you for your existing VPC configuration.

  •  How to deploy

  • To deploy this Partner Solution, refer to the instructions and examples in the GitHub repository.

    Amazon may share user-deployment information with the AWS Partner that collaborated with AWS on this solution.  

    View deployment guide for details
  •  Cost and licenses

  • You are responsible for the cost of the AWS services and any third-party licenses used while running this Partner Solution reference deployment. There is no additional cost for using this Partner Solution.

    The Terraform module for this Partner Solution includes configuration parameters that you can customize. Some of these settings, such as instance type, affect the cost of deployment. For cost estimates, refer to the pricing pages for each AWS service you use. Prices are subject to change.

    Tip: After you deploy the Partner Solution, create AWS Cost and Usage Reports to track costs associated with the Quick Start. These reports deliver billing metrics to an Amazon Simple Storage Service (Amazon S3) bucket in your account. They provide cost estimates based on usage throughout each month and aggregate the data at the end of the month. For more information about the report, refer to  What are AWS Cost and Usage Reports?