Home
Products
Releases
Best Practices
Resources
By Type
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
Products
Releases
Best Practices
Resources
By Type
Network Security
Cloud-Delivered Security Services
Advanced DNS Security
Advanced WildFire
Advanced Threat Prevention
Advanced URL Filtering
AI Access Security
Enterprise Data Loss Prevention
SaaS Security
IoT Security
Cloud Identity Engine
Cloud NGFW for AWS
Cloud NGFW for Azure
CN-Series
Common Services
License Activation & Subscription Management
Tenant Management
Identity & Access Management
Device Associations
FAQ
GlobalProtect
Next-Generation Firewall
PAN-OS
AIOps for NGFW
Firewalls
SD-WAN
Service Provider
Panorama
Strata Logging Service
Strata Cloud Manager
AI Runtime Security
VM-Series
Secure Access Service Edge
Common Services
License Activation & Subscription Management
Tenant Management
Identity & Access Management
Device Associations
FAQ
FedRAMP
Next-Generation CASB
Prisma Access
Autonomous DEM
Prisma Access Browser
Prisma SD-WAN
ION Devices
Remote Browser Isolation
Strata Cloud Manager
Strata Multitenant Cloud Manager
Cloud-Native Security
Prisma Cloud
Security Operations
Cortex XDR
Cortex XSOAR
Cortex XPANSE
Cortex XSIAM
What's New
What's New Releases
All Release Notes
View All Release Notes
Recently Updated Release Notes
Strata Cloud Manager Release Notes
Terminal Server (TS) Agent Release Notes (11.0)
User-ID™ Agent Release Notes (11.0)
Release Notes
PAN-OS Release Notes (PAN-OS 10.2)
PAN-OS Release Notes (PAN-OS 11.1)
PAN-OS Release Notes (PAN-OS 11.2)
GlobalProtect™ App Release Notes (6.0)
VM-Series and Panorama Plugins Release Notes
AI Runtime Security Release Notes
See All Recently Updated Release Notes
Recently Updated Documentation
Prisma SD-WAN New Features (New Features Guide)
Network Security: Security Policy
VM-Series Deployment Guide (10.2)
VM-Series Deployment Guide (11.0 (EoL))
VM-Series Deployment Guide (PAN-OS 11.1 & Later )
Prisma SD-WAN CloudBlade Integrations (CloudBlade Integrations)
What's New in the NetSec Platform
Prisma SD-WAN Administrator’s Guide
Activation & Onboarding
Prisma Access Administration (4.0 & Later)
See All Recent Updates
Applications and Threats Content Updates
Best Practices for Migrating to Application-Based Policy
Data Center
Decryption
DoS and Zone
Get Started
Internet Gateway Security Policy
Secure Administrative Access
Security Policy
WildFire
Zero Trust
VIEW ALL
All Release Notes
Blog
Compatibility Matrix
Experts Corner
Infographics
Licensing, Registration, and Activation
OSS Listings
Translated Documents
VIEW ALL
API Documentation
Release Notes
Cloud NGFW for AWS Getting Started
Cloud NGFW for AWS Getting Started
Cloud NGFW for AWS Documentation
All Documentation
>
Clear
Search
Loading
Clear
Supported Cloud NGFW Management and Deployment Features
Updated on
Dec 20, 2024
Focus
Download PDF
Updated on
Dec 20, 2024
Focus
Home
Cloud NGFW for AWS
Introducing Cloud NGFW for AWS
Supported Cloud NGFW Management and Deployment Features
Download PDF
Cloud NGFW for AWS
Supported Cloud NGFW Management and Deployment Features
Table of Contents
Filter
Expand All
|
Collapse All
Cloud NGFW for AWS Docs
Getting Started
Introducing Cloud NGFW for AWS
Cloud NGFW Resource and NGFW Endpoints
Supported Cloud NGFW Management and Deployment Features
Supported Security Policy Management Features
Getting Started from the AWS Marketplace
Getting Started from an AWS Members Account
Getting Started from an AWS Firewall Manager Account
Cloud NGFW for AWS Free Trial
Deployment
Cloud NGFW for AWS Centralized Deployments
Cloud NGFW for AWS Distributed Deployments
Cloud NGFW Integration with AWS Cloud WAN
Administration
Manage
Invite Users to Cloud NGFW for AWS
Manage Cloud NGFW for AWS Users
Get Help
Usage Explorer
Deploy
Create an NGFW Resource on AWS
Create Cloud NGFW for AWS Endpoints
Delete a Cloud NGFW Resource
Direct Traffic to Cloud NGFW for AWS
Configure Private Traffic Range
Configure Egress NAT
Protect
Cloud-Delivered Security Services (CDSS)
Cloud NGFW for AWS Advanced Threat Protection
Cloud NGFW on AWS Advanced URL Filtering
Cloud NGFW on AWS WildFire Protection
Cloud NGFW for AWS DNS Security
Cloud NGFW for AWS Enterprise Data Loss Prevention (E-DLP) Integration
Cloud NGFW Native Policy Management
Rulestacks and Rules on Cloud NGFW for AWS
X-Forwarded-For on Cloud NGFW for AWS
Create a Prefix List on Cloud NGFW for AWS
Add a Certificate to Cloud NGFW for AWS
Create an FQDN List for Cloud NGFW on AWS
Configure Intelligent Feed on Cloud NGFW for AWS
Create Security Rules on Cloud NGFW for AWS
Cloud NGFW for AWS Security Profiles
Predefined URL Categories for Cloud NGFW for AWS
Configure File Blocking on Cloud NGFW for AWS
Set Up Outbound Decryption on Cloud NGFW for AWS
Set Up Inbound Decryption on Cloud NGFW for AWS
Cloud NGFW for AWS Rule Usage
Panorama Policy Management
Prepare for Panorama Integration
Link the Cloud NGFW to Palo Alto Networks Management
Associate a Linked Panorama to the Cloud NGFW Resource
Unlink the Cloud NGFW from Panorama
Use Panorama for Cloud NGFW Policy Management
Configure Tag-based Policies
Configure Zone-based Policy Rules
Strata Cloud Manager Policy Management
Monitor
View Logs Natively in AWS
Cloud NGFW for AWS Traffic Log Fields
Cloud NGFW for AWS Threat Log Fields
Cloud NGFW for AWS Decryption Log Fields
View Traffic and Threat Logs and Activity in Panorama
View Traffic and Threat Logs in Strata Logging Service
View Audit Logs on Cloud NGFW for AWS
Publish and View Custom Metrics in AWS CloudWatch
Firewall-as-Code
Enable Programmatic Access
Terraform Support for Cloud NGFW AWS
Configure Automated Account Onboarding
Provision Cloud NGFW Resources to Your AWS CFT
Cross-Account Role CFT Permissions for Cloud NGFW
Reference
Cloud NGFW for AWS Pricing
Cloud NGFW Credit Distribution and Management
Cloud NGFW Scalability Across Multiple AWS VPCs
Cloud NGFW for AWS Limits and Quotas
Cloud NGFW for AWS Supported Regions and Zones
Cloud NGFW for AWS Privacy and Data Protection
Cloud NGFW for AWS Certifications
Release Notes
What's New
Cloud NGFW for AWS Known Issues
Previous
Cloud NGFW Resource and NGFW Endpoints
Next
Supported Security Policy Management Features
Supported Cloud NGFW Management and Deployment Features
The Palo Alto Networks Cloud NGFW for AWS supports the following management and deployment features.
Where Can I Use This?
What Do I Need?
Cloud NGFW for AWS
Cloud NGFW subscription
Palo Alto Networks Customer Support Account (CSP)
AWS Marketplace account
User role (either tenant or administrator)
The Palo Alto Networks Cloud NGFW for AWS supports the following management and deployment features.
NGFW Deployment & Management
Description
Native NGFW Deployment
AWS Firewall Manager Deployment
Tools
You have multiple configuration options to deploy and manage Cloud NGFW resources.
Cloud NGFW Console
Cloud NGFW APIs
Cloud Formation
Terraform
AWS Console
AWS APIs
Cloud Formation
AWS Regions
Cloud NGFW for AWS is an AWS regional service. The Cloud NGFWs you deploy protects your VPC Ingress and Egress traffic in that AWS region.
21
16
Deployment Architectures
There are multiple deployment models available with Cloud NGFW for AWS. The right model depends on the use case and requirements.
Centralized
Distributed
Combined (Multi-VPC NGFW resource)
Centralized Model
Distributed Model
Previous
Cloud NGFW Resource and NGFW Endpoints
Next
Supported Security Policy Management Features
x
Thanks for visiting
https://docs.paloaltonetworks.com
. To improve your experience when accessing content across our site, please add the domain to the allow list on your ad blocker application.
