What’s New
Table of Contents
Expand all | Collapse all
-
- About Cloud NGFW for AWS
- Getting Started from the AWS Marketplace
- Cloud NGFW for AWS Pricing
- Cloud NGFW for AWS Free Trial
- Cloud NGFW for AWS Limits and Quotas
- Subscribe to Cloud NGFW for AWS
- Cross-Account Role CFT Permissions for Cloud NGFW
- Invite Users to Cloud NGFW for AWS
- Manage Cloud NGFW for AWS Users
- Deploy Cloud NGFW for AWS with the AWS Firewall Manager
- Enable Programmatic Access
- Terraform Support for Cloud NGFW AWS
- Provision Cloud NGFW Resources to your AWS CFT
- Usage Explorer
What’s New
Learn about the latest changes to Cloud NGFW for AWS.
Here’s what’s new in Cloud NGFW for AWS.
What's New in August 2023
Use Multiple Panorama with Your Cloud NGFW Tenant | You can now link your Cloud NGFW tenant with multiple Panorama
appliances to meet your governance model, regional presence, and
data residency requirements. From then on, you can configure and
manage your Cloud NGFW resource with one of the linked Panorama. To
see how to add Panorama to Cloud NGFW for AWS, see this
documentation. |
Premium Support added to Cloud NGFW for AWS | Premium support is now included with Cloud NGFW for AWS at no
additional charge. Palo Alto Networks Premium Support enhances
in-house resources with technical experts available to support your
Palo Alto Networks security infrastructure. This support level
provides access to Security Assurance to assist when security
incidents require access to security experts. For more information,
see Premium Support. |
Dynamic Cortex Data Lake Sizing for Cloud NGFW for AWS | You can now use Cortex Data Lake (CDL) to perform Explore/Log
Viewer queries to view logs generated by a specific Cloud NGFW for
AWS resource. Cortex Data Lake also displays key metrics for your
Cloud NGFWs in a dedicated Cloud NGFW for Cortex Data
Lake Inventory Page to better monitor ingestion rate, storage
usage, and connection status. When used with Cloud NGFW for AWS,
Cortex Data Lake now automatically scales along with the Cloud NGFW
for AWS resources. As traffic throughput increases on these Cloud
NGFW resources, so does your available CDL storage so that you don't
need to worry about making manual adjustments to Cortex Data Lake
storage to save your log data. |
Usage Explorer | This release introduces the Usage Explorer in the Cloud NGFW for
AWS console. The Usage Explorer dashboard allows you to view Cloud
NGFW consumption and how it correlates with credits associated with
the tenant. The Usage Explorer is
currently available as a preview. For more information, see
Cloud NGFW for AWS Usage
Explorer. |
Pricing and Billing Changes | Cloud NGFW for AWS changes the pricing model to provide more
flexibility for aggregate Cloud NGFW tenant usage based on the
deployment hours of all NGFWs, how much traffic they secured, and
how many security features they use every hour. See the Pricing page for more information. |
What’s New in July 2023
View Cloud NGFW Logs and Activity in Panorama | In the Panorama Monitor tab you can now apply a filter to view
the log of an individual Cloud Device Group, or display logs and
activity for all Cloud Device Groups. See View Cloud NGFW Logs and
Activity for more detailed information. |
Tag Based Policies | As you deploy or terminate AWS assets (such as EC2 instances) in
the AWS public cloud, you can automatically update security policy
on your Palo Alto Networks Cloud NGFW resources so that you can
secure traffic to these AWS assets. |
What’s New in June 2023
Unlinking support for Panorama integration | Unlink your Panorama virtual appliance from a Cloud NGFW
resource. See Unlink the Cloud NGFW
from Palo Alto Networks Management for more information.
|
What’s New in May 2023
Additional AWS Region Support | Cloud NGFW for AWS is now available in the following AWS
regions.
See Cloud NGFW for AWS Supported Regions and Zones for the
complete list of supported regions. |
Panorama Integration Public Preview | Integrate Cloud NGFW for AWS with Palo Alto Networks Panorama.
Use a Panorama appliance to manage a shared set of security rules
centrally on Cloud NGFW resources alongside your physical and
virtual firewall appliances. See Panorama Integration for
more information. |
What’s New in April 2023
Additional AWS Region Support | Cloud NGFW for AWS is now available in the following AWS
regions.
See Cloud NGFW for AWS Supported Regions and Zones for the
complete list of supported regions. |
Panorama Integration Public Preview | Integrate Cloud NGFW for AWS with Palo Alto Networks Panorama.
Use a Panorama appliance to manage a shared set of security rules
centrally on Cloud NGFW resources alongside your physical and
virtual firewall appliances. See Panorama Integration for
more information. |
What’s New in March 2023
Tenant Reader Role | As a Cloud NGFW TenantAdministrator you can now invite other
users in the TenantReader role. A user with this role can view
and describe all aspects of the Cloud NGFW tenant such as
|
What’s New in February 2023
Additional AWS Region Support | Cloud NGFW for AWS is now available in the following AWS
regions.
See Cloud NGFW for AWS Supported Regions and Zones for the
complete list of supported regions. |
Cloud NGFW for AWS Videos |
What’s New in January 2023
Additional AWS Region Support | Cloud NGFW for AWS is now available in the following AWS
regions.
See Cloud NGFW for AWS Supported Regions and Zones for the
complete list of supported regions. |
What’s New in December 2022
Multi-VPC Cloud NGFW Resource | You can share the same Cloud NGFW
resource across multiple virtual private clouds (VPCs) in the
onboarded AWS accounts of your tenants. You can create endpoints
for an NGFW resource in different VPCs and route traffic to the
NGFW resource for inspection. |
Cloud NGFW for AWS Blogs, Articles, etc. | |
Cloud NGFW for AWS Videos |
What’s New in November 2022
Multiple AWS Accounts in Cloud NGFW Tenant | You can onboard multiple AWS accounts onto the same Cloud NGFW
tenant and create Cloud NGFW resources in these accounts. See
Add Multiple AWS
Accounts for more information. |
Cloud NGFW for AWS Blogs, Articles, etc. | Cloud NGFW for AWS -
FAQ ( Updated ) |
Cloud NGFW for AWS Videos |
What’s New in October 2022
Cloud NGFW for AWS Blogs, Articles, etc. | |
Cloud NGFW for AWS Videos |
What’s New in September 2022
Cloud NGFW for AWS Videos |
What’s New in August 2022
Simplified Cloud NGFW Subscription, and Account Onboarding | You can subscribe to Cloud NGFW for AWS and onboard your AWS
accounts in a few clicks with minimal context switches between
the AWS Marketplace & Cloud NGFW console. Please visit the documentation page and
AWS video to learn
more about this feature. |
Cloud NGFW for AWS Blogs, Articles, etc | |
Cloud NGFW for AWS Videos |
What’s New in July 2022
Cloud NGFW for AWS Credits | You can now move to a one-year, two-years or three-years contract
by subscribing to the Palo Alto Networks Cloud NGFW for AWS
Credits SaaS contracts listing for a specified number of
credits.This subscription associates Cloud NGFW for
AWS credits with your existing Cloud NGFW Tenant.
Cloud NGFW for AWS credits allow you to consume Cloud NGFW
resources in your tenant at a lower cost up to a specific
capacity until your contract expires while retaining the ability
to expand your Cloud NGFW consumption anytime. |
Inbound Decryption | You can now use Cloud NGFW for AWS to decrypt, inspect, and
protect inbound SSL/TLS sessions of your VPC Ingress
traffic. See Set Up Inbound Decryption on Cloud NGFW for AWS for more
information. |
Additional AWS Region Support | Cloud NGFW for AWS is now available in the following AWS
regions.
See Cloud NGFW for AWS Supported Regions and Zones for the
complete list of supported regions. |
What’s New in June 2022
Audit Logs in Cloud NGFW | You can now view Cloud NGFW audit logs in your Cloudwatch
account. Please visit the documentation to learn
more about this feature. |
XFF Support in Cloud NGFW Policy | You can now enable Cloud NGFW resources to use the Source IP
address in X-Forwarded-For (XFF) HTTP header field to enforce
the policy. See the documentation to learn
more. |
Additional AWS Region Support | Cloud NGFW for AWS is now available in the following AWS
regions.
See Cloud NGFW for AWS Supported Regions and Zones for the
complete list of supported regions. |
Cloud NGFW for AWS Videos |
What’s New in May 2022
Terraform Support for Cloud NGFW for AWS | With the new cloudngfwaws provider,
you can automate the process of building your security
infrastructure and maintaining the network security posture of
your AWS VPCs using Cloud NGFW rulestacks. See Terraform Support
for Cloud NGFW for AWS and the detailed blog to learn more
about the Terraform provider. |
Additional AWS Region Support | Cloud NGFW for AWS is now available in the following AWS
regions.
See Cloud NGFW for AWS Supported Regions and Zones for the
complete list of supported regions. |
CloudFormation Support for Cloud NGFW for AWS | CloudFormation resource types are now available as public
extension in the AWS CloudFormation
registry. You can now add these Cloud NGFW resources directly to your Cloud
Formation templates in the same manner you use AWS-provided
resources. These resource types enable you to deploy and manage
Cloud NGFW components using Infrastructure as Code (IaC)
workflows. See Provision Cloud NGFW Resources to your AWS CFT to learn more
about the AWS CloudFormation support for Cloud NGFW. |
Cloud NGFW for AWS Blogs, Articles, etc. | |
What’s New in April 2022
Cloud NGFW for AWS Free Trial | You can now try and buy Cloud NGFW for AWS directly from the AWS
Marketplace. The Free Trial allows you to use two NGFW resources
with full features to secure 100 GB of traffic for seven days at
no cost. Get started today! To get hands-on experience with the Cloud
NGFW, subscribe via the AWS Marketplace. To
learn more about the Cloud NGFW free trial, see Cloud NGFW for AWS Free Trial. |
Additional AWS Region Support | Cloud NGFW for AWS is now available in the us-west-2 (Oregon) AWS
region. See Cloud NGFW for AWS Supported Regions and Zones for the
complete list of supported regions. |
Cloud NGFW for AWS Programmatic Access | You can now programmatically create and manage Cloud NGFW
resources using the REST APIs. You can use the IAM role in your
AWS account to access the Cloud NGFW APIs, then configure which
IAM resources can assume this role. To learn more about the Cloud NGFW for AWS Programmatic Access,
see Enable Programmatic Access and the Cloud NGFW for AWS REST API
Guide. |
Cloud NGFW for AWS Blogs, Articles, etc. | |
Cloud NGFW for AWS Videos |
What’s New in March 2022
Introducing Cloud NGFW for AWS | Cloud NGFW for AWS is a fully managed service on the AWS
platform, powered by Palo Alto Networks software firewalls. With
Cloud NGFW for AWS, you now have an NGFW deployment experience
that handles the delivery of the Palo Alto Next-Generation
Firewall capabilities and infrastructure in one motion. Cloud NGFW for AWS is a regional service. Currently, it is
available in US East (N. Virginia) and US West (California)
regions. See the Cloud NGFW for the AWS announcement on the
Palo Alto Networks blog and the technical blog on the
Live community page for more information. Please subscribe via the AWS Marketplace page to get hands-on
experience with this service. To learn more about Cloud NGFW,
its features, and its pricing, visit the technical
documentation, video playlist, and
FAQ pages. |
AWS Firewall Manager Supports the Cloud NGFW | You can use AWS Firewall Manager to orchestrate the deployment of
Palo Alto Networks Cloud NGFWs and get centralized visibility.
AWS Firewall Manager automatically and consistently adds Palo
Alto Networks Cloud NGFWs to new accounts and VPCs with no
manual intervention. This integration reduces any operational
heavy-lifting required to monitor new accounts, adds firewall
protections, and offers visibility into non-compliant
configurations across accounts in your organization. See the AWS Firewall Manager
announcement, the AWS Firewall Manager
documentation page, and Jeff Barr’s blog on
integration. |
Cloud NGFW for AWS Videos |