>
    Strata Copilot
    What's New
    Focus
    Download PDF
    Focus
    1. Home
    2. Cloud NGFW for AWS
    3. What's New
    Download PDF
    Cloud NGFW for AWS

    What's New

    Table of Contents

    What's New

    Learn about the latest changes to Cloud NGFW for AWS.
    Where Can I Use This?What Do I Need?
    • Cloud NGFW for AWS
    • Cloud NGFW subscription
    • Palo Alto Networks Customer Support Account (CSP)
    • AWS Marketplace account
    • User role (either tenant or administrator)
    Here’s what’s new in Cloud NGFW for AWS:

    What's New in March 2026

    Cloud NGFW for AWS Now Supports IPv6 Dual-Stack Traffic
    Cloud NGFW for AWS now supports IPv6 dual-stack (IPv4 + IPv6) traffic inspection. With this feature, you can enable AWS Network Firewall endpoints to filter both IPv4 and IPv6 traffic in dual-stack subnets/VPCs. For more information, see Configure Egress NAT and Create a Cloud NGFW for AWS Resource.

    What's New in December 2025

    Egress NAT Add-On PricingEffective December 2025, Palo Alto Networks is implementing a previously announced Cloud NGFW on AWS Egress NAT pricing. When you configure Egress NAT on Cloud NGFW, Cloud NGFW will inspect and perform source NAT on all Internet Egress traffic. In this case, you no longer incur AWS NAT gateway costs but would pay Palo Alto Networks for the egress traffic data transfer and Palo Alto Networks-managed AWS Elastic IPs if you choose not to transfer your BYOIPs to Palo Alto Networks. For more information, see Cloud NGFW for AWS Pricing.

    What's New in November 2025

    Try & Buy Cloud NGFW in Strata Cloud ManagerYou can now Try & Buy Cloud NGFW for AWS natively in Strata Cloud Manager (SCM). Before this, you were required to first subscribe to the service from the AWS Marketplace, acquire AWS admin credentials, establish cross-account IAM permissions, create new user identities, and then navigate across multiple consoles to create firewalls, endpoints, and policies. This new feature drastically simplifies how you get started, deploy, operate, and manage billing for Cloud NGFW for AWS—all within a single SCM console. For more information, see the Getting Started from Strata Cloud Manager.
    Panorama and Strata Logging Service linking Improvements
    You no longer need to procure Strata Logging Service separately for your Panorama-managed Cloud NGFW resources. You just associate your Panorama with an existing Strata Tenant (TSG), which you had previously activated based on your Strata Cloud Manager Pro/Essential licenses. If you do not have a Strata Cloud Manager, you can activate a new Strata Cloud Manager Essentials (steps 1-9) and associate your Panorama with it. In either case, when you link the Cloud NGFW to a Panorama previously associated with the Strata tenant, the integration automatically enables Strata Logging Service and SCM Pro features for Cloud NGFW.
    To ensure successful integration, the linking process now validates whether your Panorama is associated with a Strata tenant and automatically enables the SLS configurations. For more information, see the Panorama Policy Management.
    Cloud NGFW for AWS Blogs, and Articles.
    Introducing Credit Visibility for Cloud NGFW
    Cloud NGFW Earns Mericom Award, Simplifies Try & Buy experience
    Cloud Security's Breaking Point: Is Your Operating Model Failing?
    Boost Cloud Security with Cloud NGFW: Achieve 163% ROI & More

    What's New in August 2025

    Simplified OnboardingCloud NGFW for AWS enhances the onboarding experience by eliminating the need to onboard the AWS account to the Cloud NGFW tenant before creating resources and enabling endpoints in any of its VPCs. You no longer need to onboard the AWS account to create endpoints; You simply allowlist the AWS account when creating or updating Cloud NGFW resources. For more information, see Getting started from an AWS Member account.

    What's New in May 2025

    Additional metricsCloud NGFW for AWS publishes custom metrics in AWS CloudWatch to help you monitor the Config Memory Utilization of your Cloud NGFW resources. You can now track how much memory your resource has to add to configurations using local rulestack, Panorama or Strata Cloud Manager. For more information, see Publish and View Custom Metrics in AWS CloudWatch.
    Strata Cloud Manager Pro SupportYou can register your Cloud NGFW resources with an existing Strata Cloud Manager, which you had previously activated based on your Strata Cloud Manager Pro/Essential licenses. If you do not have a Strata Cloud Manager, you can activate a new Strata Cloud Manager Essentials (steps 1-8) to use with Cloud NGFW. In either case, the integration automatically enables Strata Cloud Manager Pro features for Cloud NGFW.

    What's New in April 2025

    Cloud NGFW Credit Usage VisibilityYou can now use the Cloud NGFW Credits Management Console to gain greater visibility into how your Cloud NGFW credits are used. You can now analyze your usage at different periods at a summary level for your tenant and NGFW resources while continuing to provide the ability to analyze your usage at a granular level for Cloud-Delivered Security Services (CDSS) and Centralized management (Panorama, Strata Cloud Manager, and Strata Logging Services). For more information, see Cloud NGFW Credit Usage Visibility.

    What's New in March 2025

    300 EndpointsYou can now create up to 300 endpoints for a Cloud NGFW resource. See Cloud NGFW for AWS Limits and Quotas for more information.
    Cloud NGFW Policy Management using Strata Cloud ManagerYou can register your Cloud NGFW resources with an existing Strata Cloud Manager, which you had previously activated based on your AIOps for NGFW, Prisma Access, or Strata Cloud Manager Pro licenses. For more information, see Strata Cloud Manager policy management.

    What's New in February 2025

    Cloud NGFW for AWS blogs, articles, etc.Cloud NGFW for AWS: Simplify Cloud Security with a Fully Managed Firewall Service

    What's New in January 2025

    Additional AWS Region Support
    Cloud NGFW for AWS is now available in the following AWS regions:
    • Asia Pacific (Hyderabad)
    • Asia Pacific (Melbourne)
    • Canada West (Calgary)
    See Supported Regions and Zones for the complete list of supported regions.

    What's New in December 2024

    Cloud NGFW for AWS blogs, articles, etc.AWS re:Invent 2024 - Securing applications with AWS and Palo Alto Networks (AIM271)

    What's New in October 2024

    Zone-based Policies
    Cloud NGFW for AWS allows you to classify your VPC traffic using Private and Public zones to simplify policy enforcement. You can also attach a Zone Protection profile to these private and public zones. Additionally, you create zone mappings to associate the security zones in your Panorama with Cloud NGFW’s Private (internal) or Public (external) zone. For more information, see Zone-based policies.Zone-based policies.
    Egress NAT
    Cloud NGFW for AWS adds support for Egress NAT (Network Address Translation). Egress NAT enables Cloud NGFW to perform source NAT on the traffic egressing out of the Cloud NGFW resource. This eliminates the need for a separate NAT gateway in your VPC for egressing traffic. For more information, see Egress NAT.

    What's New in August 2024

    Credit Distribution and Management
    You can now use the Cloud NGFW credits to fund both Cloud NGFW resources in AWS and Azure and all related CDSS services you would like to use with it. Use the credits for Panorama, Strata Cloud Manager or the Strata Logging Service. For more information, see Cloud NGFW Credit Distribution and Management.
    Cloud NGFW for AWS blogs, articles, etc.The Developer’s Guide to Cloud NGFW for AWS Part 4 (Policy-as-a-code for Panorama-managed Cloud NGFW)
    Cloud Native Security: Revolutionizing Cloud environments with Cloud NGFW

    What's New in June 2024

    Customer Support Portal OnboardingCloud NGFW for AWS now offers an integrated and intuitive experience to register your Cloud NGFW tenant with the Palo Alto Networks Customer Support Portal. For more information, see Register Your Cloud NGFW Tenant with a Palo Alto Networks Support Account.
    Automated Account OnboardingCloud NGFW for AWS allows you to onboard multiple application accounts using a Terraform module. With this functionality, you no longer need to onboard individual accounts manually. For more information, see Configure Automated Account Onboarding.
    Cloud NGFW for AWS VideosCloud NGFW for AWS: Integration With Strata Cloud Manager (SCM)

    What's New in May 2024

    Cloud NGFW Policy Management using Strata Cloud Manager
    You can now register your Cloud NGFW resource with Strata Cloud Manager (SCM) for policy management. With this feature, you can now use a single Strata Cloud Manager (SaaS instance) to manage a shared set of security rules centrally on Cloud NGFW resources alongside your physical and virtual firewall appliances. You can manage all aspects of shared policy configuration, push these shared policies, and generate reports on traffic patterns or security incidents of your Cloud NGFW resources - all from a single console. For more information, see Strata Cloud Manager Policy Management.
    CloudWatch Metrics Cloud NGFW now publishes additional metrics in AWS CloudWatch to help you monitor your Cloud NGFW's health, performance and usage patterns. For more information, see CloudWatch metrics.
    Display Zone IDCloud NGFW for AWS enhances multi-VPC functionality by allowing you to specify availability zone names when creating the firewall resources. AWS maps the physical Availability Zone IDs randomly to the Availability Zone Names for each AWS account. Prior to this, you had to manually determine the Availability Zone Name to a particular Availability Zone ID in your AWS account(s) and then use that information when creating Cloud NGFW resources. With this enhancement, Cloud NGFW allows you to specify the Availability Zone ID when you create a new firewall resource. For more information, see Create a NGFW Resource on AWS.
    Subscription ImprovementsCloud NGFW for AWS improves the information displayed on the Subscription page by displaying the status of your credit subscription. This page now indicates if your subscription is expired, active, or inactive.
    Additional AWS Region Support
    Cloud NGFW for AWS is now available in the following AWS region:
    • Asia Pacific (Osaka)
    See Supported Regions and Zones for the complete list of supported regions.
    Cloud NGFW for AWS blogs, articles, etc.The Developer’s guide to Cloud NGFW for AWS Part 3 (CLI)
    Cloud NGFW for AWS Videos Multi Panorama Support for Cloud NGFW for AWS

    What's New in April 2024

    Cloud NGFW for AWS blogs, articles, etc.The Developer’s guide to Cloud NGFW for AWS Part 2 (CloudFormation)
    Cloud NGFW for AWS Videos Advanced Threat Prevention with Cloud NGFW for AWS

    What's New in March 2024

    Advanced Threat PreventionCloud NGFW for AWS now uses Advanced Threat Prevention to block unknown command and control traffic and zero-day injection attacks. For more information, see Advanced Threat Prevention.
    Single-Sign-On (SSO) and Multi-Factor Authentication (MFA) ImprovementsCloud NGFW console access is integrated with Single-Sign-On (SSO) and Multi-Factor-Authentication (MFA) to offer convenience with security. You can also now use the same email address to register with multiple Cloud NGFW tenants. Cloud NGFW login page now allows you to select one of many Cloud NGFW accounts/tenants you use. For more information, see Subscribe to Cloud NGFW for AWS and Invite Users to Cloud NGFW for AWS.
    AWS Marketplace SaaS Quick Launch SupportCloud NGFW is now integrated with AWS Marketplace SaaS Quick Launch to make the AWS Marketplace subscription easy, fast, and secure by offering step-by-step instructions using a preconfigured AWS CloudFormation template. For more information, see Subscribe to Cloud NGFW for AWS.
    AWS CloudFormation Registry ImprovementsCloud NGFW Cloud Formation Registry is now updated with the latest features in firewall and rulestack resources, and built-in retrieval of programmatic access tokens. For more information, see Provision Cloud NGFW Resources to your AWS CFT.
    Enterprise Data Loss Prevention
    Enterprise Data Loss Prevention (E-DLP) allows you to protect sensitive information against unauthorized access, misuse, extraction, or sharing. You can now integrate E-DLP with Cloud NGFW for AWS and use the Panorama interface to add data filtering profiles to your Security Policy rules. For more information, see E-DLP Integration with CNGFW for AWS.
    Tag based policies Improvements
    You can now populate IP tags from two different regions to your cloud device groups. Harvest your tags from one AWS region, and then enforce security policies on your firewall in the other region. For more information, see Tag Based Policies.
    Cloud NGFW Rule Usage Metrics
    You can now use the Panorama console to track and monitor rule usage for operations and troubleshooting tasks, including the Rule Hit count, and Applications seen on the Cloud NGFW resources. For more information, see Cloud NGFW for AWS Rule Usage.
    To use this feature, you must upgrade to AWS Plugin version 5.2.0.
    Cloud NGFW Integration with AWS Cloud WAN
    Using AWS Cloud WAN, you can now build a unified network that interconnects cloud and on-premises environments and allows you to route traffic between:
    • VPCs in the same segment in the same region (Isolated attachments)
    • VPCs in different segments in the same region
    • VPCs in the same segment across different regions (Isolated attachments)
    • VPCs in different segments across different regions
    For more information, see Cloud NGFW Integration with AWS Cloud WAN.
    Cloud NGFW for AWS VideosCloud NGFW Integration with AWS Cloud WAN

    What's New in December 2023

    Cloud NGFW for AWS Blogs, Articles, etc.Cloud NGFW for AWS Pricing Estimator Guidelines

    What's New in October 2023

    Cloud NGFW for AWS Blogs, Articles, etc.Cloud NGFW for AWS Deployment Architectures

    What's New in September 2023

    Cloud NGFW for AWS Blogs, Articles, etc.Cloud NGFW for AWS Integrates with Panorama
    Cloud NGFW for AWS Resiliency Guide

    What's New in August 2023

    Multiple Panoramas for Cloud NGFW tenantYou can now link multiple Panorama appliances along with their Strata Logging Service instance to your Cloud NGFW tenant. You can then associate a tenant's NGFW resource with one of these links for policy and log management. For more information, see Use Multiple Panoramas with your Cloud NGFW Tenant.
    Premium Support added to Cloud NGFW for AWS Premium support is now included with Cloud NGFW for AWS at no additional charge. Palo Alto Networks Premium Support enhances in-house resources with technical experts available to support your Palo Alto Networks security infrastructure. This support level provides access to Security Assurance to assist when security incidents require access to security experts. For more information, see Premium Support.
    Dynamic Strata Logging Service Sizing for Cloud NGFW for AWSYou can now use Strata Logging Service to perform Explore/Log Viewer queries to view logs generated by a specific Cloud NGFW for AWS resource. Strata Logging Service also displays key metrics for your Cloud NGFWs in a dedicated Cloud NGFW for Strata Logging Service Inventory Page to better monitor ingestion rate, storage usage, and connection status. When used with Cloud NGFW for AWS, Strata Logging Service now automatically scales along with the Cloud NGFW for AWS resources. As traffic throughput increases on these Cloud NGFW resources, so does your available Strata Logging Service storage so that you don't need to worry about making manual adjustments to storage to save your log data.
    Usage Explorer (Preview)This release introduces the Usage Explorer in the Cloud NGFW for AWS console. The Usage Explorer dashboard allows you to view Cloud NGFW consumption and how it correlates with credits associated with the tenant. For more information, see Cloud NGFW for AWS Usage Explorer.
    Pricing and Billing ChangesCloud NGFW for AWS changes the pricing model to provide more flexibility for aggregate Cloud NGFW tenant usage based on the deployment hours of all NGFWs, how much traffic they secured, and how many security features they use every hour. See the Pricing page for more information.

    What’s New in July 2023

    Filter Cloud NGFW Logs and Activity in PanoramaIn the Panorama Monitor tab you can now filter to view the log of an individual Cloud Device Group, or display logs and activity for all Cloud Device Groups. See View Cloud NGFW Logs and Activity for more detailed information.
    Tag Based PoliciesAs you deploy or terminate AWS assets (such as EC2 instances) in the AWS public cloud, you can automatically update security policy on your Palo Alto Networks Cloud NGFW resources so that you can secure traffic to these AWS assets. See tag based policies for more information.
    WildFire
    Cloud NGFW can now protect your VPC traffic against file based threats by detecting and forwarding files, executables, and malicious scripts (such as JScript and PowerShell) in your VPC traffic to the WildFire™ (WF) cloud service for malware analysis.

    What’s New in June 2023

    Unlinking support for Panorama integrationYou can now unlink the Panorama appliance from a Cloud NGFW resource automatically without opening a support ticket. See Unlink the Cloud NGFW from Palo Alto Networks Management for more information.
    Cloud NGFW for AWS videoHow to Delete a Cloud NGFW resource

    What’s New in May 2023

    Panorama SupportYou can now integrate a Cloud NGFW for AWS tenant with Palo Alto Networks appliance to manage a shared set of security rules centrally on Cloud NGFW resources alongside your physical and virtual firewall appliances.
    See Panorama Integration for more information.
    Cloud NGFW for AWS videoCloud NGFW for AWS Integration with Panorama

    What’s New in April 2023

    Additional AWS Region Support
    Cloud NGFW for AWS is now available in the following AWS regions.
    • af-south-1 (Cape Town)
    See Supported Regions and Zones for the complete list of supported regions.

    What’s New in March 2023

    Tenant Reader Role
    As a Cloud NGFW TenantAdministrator you can now invite other users in the TenantReader role. A user with this role can view and describe all aspects of the Cloud NGFW tenant such as
    • NGFW resources and settings
    • Global and local rulestacks
    • All tenant users and tenant settings
    Cloud NGFW for AWS video
    Multi-VPC NGFW resource traffic flow

    What’s New in February 2023

    Additional AWS Region Support
    Cloud NGFW for AWS is now available in the following AWS regions.
    • ap-south-1 (Hong Kong)
    See Supported Regions and Zones for the complete list of supported regions.
    Cloud NGFW for AWS video
    Host Intelligent Feeds on S3 Bucket

    What’s New in January 2023

    Additional AWS Region Support
    Cloud NGFW for AWS is now available in the following AWS regions.
    • me-south-1 (Bahrain)
    See Supported Regions and Zones for the complete list of supported regions.

    What’s New in December 2022

    Multi-VPC Cloud NGFW Resource
    You can share the same Cloud NGFW resource across multiple virtual private clouds (VPCs) in the onboarded AWS accounts of your tenants. You can create endpoints for an NGFW resource in different VPCs and route traffic to the NGFW resource for inspection.
    Please visit the documentation page and a detailed blog to learn more about this feature.
    Cloud NGFW for AWS Blogs, Articles, etc.
    New: More Cloud NGFW Scalability Across Multiple AWS VPCs
    Cloud NGFW for AWS video
    Multi-VPC Cloud NGFW resource

    What’s New in November 2022

    Multiple AWS Accounts in Cloud NGFW Tenant
    You can onboard multiple AWS accounts onto the same Cloud NGFW tenant and create Cloud NGFW resources in these accounts. See Add Multiple AWS Accounts for more information.
    Cloud NGFW for AWS Blogs, Articles, etc.
    Cloud NGFW for AWS - FAQ (Updated)
    Cloud NGFW for AWS video
    AWS re:Invent 2022 - Avalon Healthcare Solutions secures deployment with Palo Alto Networks (PRT241)

    What’s New in August 2022

    Simplified Cloud NGFW subscription and account onboarding
    You can subscribe to Cloud NGFW for AWS and onboard your AWS accounts in a few clicks with minimal context switches between the AWS Marketplace & Cloud NGFW console.
    Please visit the documentation page and AWS videos to learn more about this feature.
    Cloud NGFW for AWS Blogs, Articles, etc
    Best-in-Class Network Security for AWS Now Easier To Get Worldwide
    Cloud NGFW for AWS video
    Deploying Cloud NGFW for AWS Step 1: Subscribe to Cloud NGFW (Updated)

    What’s New in July 2022

    Cloud NGFW for AWS Credits
    You can now move to a one-year, two-years or three-years contract by subscribing to the Palo Alto Networks Cloud NGFW for AWS Credits SaaS contracts listing for a specified number of credits. This subscription associates Cloud NGFW for AWS credits with your existing Cloud NGFW Tenant. Cloud NGFW for AWS credits allow you to consume Cloud NGFW resources in your tenant at a lower cost up to a specific capacity until your contract expires while retaining the ability to expand your Cloud NGFW consumption anytime.
    Inbound Decryption
    You can now use Cloud NGFW for AWS to decrypt, inspect, and protect inbound SSL/TLS sessions of your VPC Ingress traffic.
    See Setup Ingress Decryption for more information.
    Additional AWS Region Support
    Cloud NGFW for AWS is now available in the following AWS regions.
    • ap-northeast-1 (Tokyo)
    • ap-northeast-2 (Seoul)
    • ap-northeast-3 (Osaka)
    • ap-south-1 (Mumbai)
    • sa-east-1 (São Paulo)
    See Supported Regions and Zones for the complete list of supported regions.
    Cloud NGFW for AWS videos
    AWS re:Inforce 2022 - Building a scalable and secure global network infrastructure with AWS (NIS205)
    AWS re:Inforce 2022 - Integrated and automated: Securing each stage of cloud adoption (GRC306)

    What’s New in June 2022

    Audit Logs in Cloud NGFW
    You can now view Cloud NGFW audit logs in your Cloudwatch account. Please visit the documentation to learn more about this feature.
    XFF Support in Cloud NGFW Policy
    You can now enable Cloud NGFW resources to use the Source IP address in X-Forwarded-For (XFF) HTTP header field to enforce the policy. See the documentation to learn more.
    Additional AWS Region Support
    Cloud NGFW for AWS is now available in the following AWS regions.
    • eu-west-3 (Paris)
    • eu-north-1 (Stockholm)
    • eu-south-1 (Milan)
    • ap-southeast-1 (Singapore)
    • ap-southeast-2 (Sydney)
    See Supported Regions and Zones for the complete list of supported regions.
    Cloud NGFW for AWS Blogs, Articles, etc.What’s Next with Cloud NGFW - Live Q&A
    Cloud NGFW for AWS video
    Cloud NGFW for AWS - Integration with Splunk

    What’s New in May 2022

    Terraform Support for Cloud NGFW for AWS
    With the new cloudngfwaws provider, you can automate the process of building your security infrastructure and maintaining the network security posture of your AWS VPCs using Cloud NGFW rulestacks.
    See Terraform Support for Cloud NGFW for AWS and the detailed blog to learn more about the Terraform provider.
    Additional AWS Region Support
    Cloud NGFW for AWS is now available in the following AWS regions.
    • us-east-2 (Ohio)
    • ca-central-1 (Canada)
    • eu-west-1 (Ireland)
    • eu-west-2 (London)
    • eu-central-1 (Frankfurt)
    See Supported Regions and Zones for the complete list of supported regions.
    CloudFormation Support for Cloud NGFW for AWS
    We have published CloudFormation resource types as public extension in the AWS CloudFormation registry.
    You can now add these Cloud NGFW resources directly to your Cloud Formation templates in the same manner you use AWS-provided resources. These resource types enable you to deploy and manage Cloud NGFW components using Infrastructure as Code (IaC) workflows.
    See Cloud Formation Registry to learn more about the AWS CloudFormation support for Cloud NGFW.
    Cloud NGFW for AWS Blogs, Articles, etc.
    Cloud NGFW for AWS videos

    What’s New in April 2022

    Introducing Cloud NGFW for AWS Free Trial
    You can now try and buy Cloud NGFW for AWS directly from the AWS Marketplace. The Free Trial allows you to use two NGFW resources with full features to secure 100 GB of traffic for seven days at no cost.
    Get started today! To get hands-on experience with the Cloud NGFW, subscribe via the AWS Marketplace. To learn more about the Cloud NGFW free trial, see Cloud NGFW for AWS free trial.
    Additional AWS Region Support
    Cloud NGFW for AWS is now available in the us-west-2 (Oregon) AWS region.
    See Supported Regions and Zones for the complete list of supported regions.
    Cloud NGFW for AWS Programmatic Access
    You can now programmatically create and manage Cloud NGFW resources using the REST APIs. You can use the IAM role in your AWS account to access the Cloud NGFW APIs, then configure which IAM resources can assume this role.
    To learn more about the Cloud NGFW for AWS Programmatic Access, see Enable Programmatic Access and the Cloud NGFW for AWS REST API Guide.
    Cloud NGFW for AWS Blogs, Articles, etc.
    Cloud NGFW for AWS - Digital Course
    Cloud NGFW for AWS videos
    		Cloud NGFW for AWS Launch Event (On-Demand)

    What’s New in March 2022

    Introducing Cloud NGFW for AWS
    Cloud NGFW for AWS is a fully managed service on the AWS platform, powered by Palo Alto Networks software firewalls. With Cloud NGFW for AWS, you now have an NGFW deployment experience that handles the delivery of the Palo Alto Next-Generation Firewall capabilities and infrastructure in one motion.
    Cloud NGFW for AWS is a regional service. Currently, it is available in US East (N. Virginia) and US West (California) regions.
    See the Cloud NGFW for the AWS announcement on the Palo Alto Networks blog and the technical blog on the Live community page for more information.
    Please subscribe via the AWS Marketplace page to get hands-on experience with this service. To learn more about Cloud NGFW, its features, and its pricing, visit the technical documentation, video playlist, and FAQ pages.
    AWS Firewall Manager Supports the Cloud NGFW
    You can use AWS Firewall Manager to orchestrate the deployment of Palo Alto Networks Cloud NGFWs and get centralized visibility. AWS Firewall Manager automatically and consistently adds Palo Alto Networks Cloud NGFWs to new accounts and VPCs with no manual intervention. This integration reduces any operational heavy-lifting required to monitor new accounts, adds firewall protections, and offers visibility into non-compliant configurations across accounts in your organization.
    See the AWS Firewall Manager announcement, the AWS Firewall Manager documentation page, and Jeff Barr’s blog on integration.
    Cloud NGFW for AWS Blogs, Articles, etc.
    Cloud NGFW for AWS Videos

    © 2026 Palo Alto Networks, Inc. All rights reserved.