Hyperscale Security Fabric
Focus
Focus
Prisma AIRS

Hyperscale Security Fabric

Table of Contents

Hyperscale Security Fabric

HSF eliminates the need for third-party external load balancing by deploying AI-Gateways as fixed capacity NGFWs that both inspect and also load balance to the dynamically scaling DP nodes behind them.
Where Can I Use This?What Do I Need?
  • Prisma AIRS
  • Software NGFW Credits
  • HSF subscription license
The Hyperscale Security Fabric (HSF) is an innovative solution designed to address the scalability and performance needs of large data centers and service providers. HSF contains Gateway nodes and auto-scaling DP nodes which help to manage normal throughput and fluctuations in traffic. By deploying AI-Gateways as fixed capacity NGFWs and dynamically scaling AI-DP instances behind them, you can efficiently manage your network security as your data center grows.
HSF eliminates the need for third-party external load balancing by utilizing a firewall cluster that can be exposed as a single IP through ECMP. This solution offers flexibility in deployment, allowing you to place AI-Gateways and AI-DP firewalls within the same or separate hosts. You can leverage HSF to achieve high throughput capabilities, with the ability to reach 100 Gbps using 4 AI-Gateways and scale to over 200 Gbps with additional AI-DP instances. With its auto-scaling capabilities in vSphere environments, HSF provides a robust and adaptable security solution for your evolving network infrastructure needs.
You can deploy the HSF cluster in ESXi environments using a Panorama plugin and the deployment supports one HSF cluster within a single vCenter. HSF supports:
  • Session resiliency with session failover to healthy firewall instances.
  • Auto-scaling based on session utilization. You can configure auto-scale parameters to dynamically adjust the number of AI-DP instances based on traffic demands.
  • Simplified and automated deployment through the Software Orchestration Panorama plugin.
  • Rolling upgrades with rollback support, ensuring minimal disruption during maintenance.
  • Monitoring and visibility to view the firewall cluster as a single entity within Panorama.
  • Customer-facing APIs and CLIs for querying individual firewall member status and performance metrics.