Vendor Information


Virtualized Firewall Platforms


The Palo Alto Networks VM-Series features three virtualized next-generation firewall models – the VM-100, VM-200, and VM-300. These platforms are supported on the VMware ESXi 4.1, 5.0 and 5.5 platforms, and the Citrix NetScaler SDX 11500 and 17550 Series.

You can deploy the VM-Series on ESXi servers in virtualized and for cloud environments for East West traffic inspection. The VM-Series on Citrix NetScaler consolidates security and application delivery controller capabilities for multi-tenant (business unit, application owner, service provider customer) deployments or as a complete solution for Citrix XenApp XenDesktop deployments.

2, 4, or 8 CPU cores on your virtualized server platforms can be assigned for next-generation firewall processing. With 4 CPU cores running, the VM-Series delivers up to 1 Gbps firewall throughput with App-ID enabled. To ensure that management is accessible to you during heavy traffic, the data and control plane are separated. In addition, our unique single-pass software architecture processes functions in a single pass to reduce latency.

VM-Series on the ESXi servers supports 10 virtual network interfaces while VM-Series on the Citrix NetScaler SDX supports 24 virtual network interfaces.

The VM-Series runs PAN-OSTM, a security-specific operating system that:

  • Safely enables all applications, regardless of ports, protocols and evasive tactics
  • Protects you against all known and unknown threats
  • Integrates flexibly in the virtualized environment at layers 1, 2, or 3

Our PAN-OS next-generation firewall capabilities, such as Dynamic Address Groups and VM-Monitoring, allow you to tie your security policies to virtual machine adds, moves and changes, and to create security policies that instantly sync with virtual workload creation.

 

Compare firewalls >>

 

VM Series Overview

VM-300

250,000 max sessions
2,000 IPSec VPN tunnels/tunnel interfaces
500 SSL VPN Users
40 security zones
5,000 max number of policies
10,000 address objects
1Gbps Firewall Throughput (App-ID enabled)*
600 Mbps Threat Prevention Throughput*
250 Mbps IPSec VPN Throughput*
8,000 New sessions per second*

vm-series

 VM-200

100,000 max sessions
500 IPSec VPN tunnels/tunnel interfaces
200 SSL VPN Users
20 security zones
2,000 max number of policies
4,000 address objects
1Gbps Firewall Throughput (App-ID enabled)*
600 Mbps Threat Prevention Throughput*
250 Mbps IPSec VPN Throughput*
8,000 New sessions per second*

 vm-series
 VM-100

50,000 max sessions
25 IPSec VPN tunnels/tunnel interfaces
25 SSL VPN Users
10 security zones
250 max number of policies
2,500 address objects
1Gbps Firewall Throughput (App-ID enabled)*
600 Mbps Threat Prevention Throughput*
250 Mbps IPSec VPN Throughput*
8,000 New sessions per second*
 vm-series

*Performance and capacities are measured under ideal testing conditions using PAN-OS 5.0 and 4 CPU cores.

Contact

Steve Murgatroyd

Vendor Product Manager

01753 797979

e-techsales@westconsecurity.co.uk