CN-Series Supported Scale Factors

Review the capacities on the Kubernetes plugin and the CN-Series firewall.
The scale numbers that the different components required to Secure Kubernetes Workloads with CN-Series are listed in the following sections:

Scale Supported on the CN-Series Components

Attribute
CN-Series Scale
Maximum CN-MGMT pairs per K8s cluster
4 CN-MGMT
(or 8 CN-MGMT pod instances in a cluster)
Maximum CN-NGFW pods per CN-MGMT pair
30
Kubernetes pods secured by CN-NGFW (per K8s node)
30
Maximum Number of TCP/IP Sessions per CN-NGFW
20,000 sessions
Maximum Dynamic Address Groups IP addresses* per CN-MGMT pair
2500
Tags per IP address* per CN-MGMT pair
32

Scale Supported on the Kubernetes Plugin on Panorama

Attribute
Kubernetes Plugin Scale
Maximum Clusters on a K8s Panorama Plugin
16 (across all supported environments such as native K8s, AKS, EKS, GKE)
Maximum pods per cluster in Kubernetes plugin
900 (30*30)
Maximum Services per K8s cluster (Internal + External)
40
Maximum IP addresses (Pods + Services) across clusters per device group in the Kubernetes plugin
32*30 + 40 * 16 = 1560 (MP supports 2500)

Recommended For You