The Palo Alto Networks CN-Series containerized firewall is the best-in-class next-generation firewall purpose built to secure the Kubernetes environments against modern application attacks and data exfiltration. The CN-Series firewall enables network security teams to gain full application (Layer-7) visibility into Kubernetes environments, dynamically scale network security without compromising DevOps agility, and align with the demands of modern DevOps teams to easily manage CN-Series.
CN-Series firewalls can be easily deployed using DevOps friendly tools including Helm charts and Terraform templates. CN-Series Firewalls can be managed from Panorama—the same management console as all Palo Alto Networks firewalls—giving network security teams a single pane of glass to manage their organizations’ overall network security posture. It is recommended to deploy CN-Series firewall using Helm Charts for a seamless deployment experience. For more information, see Deploy the CN-Series Firewall Using HELM Chart.
|November 2, 2023||Cortex Data Lake (CDL) can now collect log data from CN-Series firewall. When you purchase a Cortex Data Lake license, all firewalls registered to your support account receive a Cortex Data Lake license.
IOT Security Support for CN-Series Firewall.
CN-Series Hyperscale Security Fabric (HSF) now introduces dynamic routing through BGP and BGP over BFD protocols.
|June 2, 2023
||CN-Series firewall with PAN-0S 10.1 version supports CN-Series firewall deployment on Alicloud ACK platform with Terway CNI to secure traffic between containers within the same cluster, as well as etween containers and other workload types such as virtual machines and bare-metal servers.|
|November 18, 2022||CN-Series Hyperscale Security Fabric (HSF) 1.0 is a cluster of containerized next-gen firewalls that deliver a highly scalable and resilient next-gen firewall solution for Mobile Service Providers deploying 5G networks.The CN-Series HSF solution offers hyper scalable with containerized NGFW, highly available and resilient, and eliminates external load balancer dependency: Provides ease of deployment and DevOps friendly environment that can be fully orchestrated through Panorama plugins. The CN-Series HSF solution is deployable in RedHat Openshift (On-premise) or AWS EKS public cloud managed Kubernetes environment.|
You can license your CN-Series Firewall as a Kubernetes Service deployed on AWS EKS through the AWS Marketplace. The CN-Series can be licensed for one month, one year, two years, or three years and deployed on EKS 1.19 and later or Redhat Openshift 4.7 and later.