Cloud NGFW for Azure Resiliency and Scalability
Cloud NGFW for Azure offers a flexible, automated firewall that scales on-demand with
your VNet and Virtual WAN traffic, easily handling unpredictable throughput
needs.
Where Can I Use This? | What Do I Need? |
- Cloud NGFW subscription
- Palo Alto Networks Customer Support Portal account
- Azure Marketplace subscription
Cloud NGFW for Azure is a regional service similar to other Azure
zone-redundant services. This service is delivered on the Azure platform to protect your
Azure Virtual Network (VNet), Virtual WAN (VWAN) Hub, Branch, VPN, and ExpressRoute
traffic.
The Cloud NGFW resource provides next-generation firewall capabilities without
requiring the management of underlying infrastructure. This resource has built-in
resiliency, scalability, and life-cycle management. A Cloud NGFW resource is deployed
either into a Hub VNet or a VWAN Hub and uses the underlying Azure VNet infrastructure
to inspect the traffic. Internally, each Cloud NGFW resource consists of a pair of Azure
load balancers and a dedicated Virtual Machine Scale Set (VMSS) running Palo Alto
Networks security processing instances.
Built-in Scalability
The Cloud NGFW for Azure resource maintains its uptime based on its built-in elastic
scalability model, which dynamically scales with your VNet and Virtual WAN traffic to
meet unpredictable throughput demands.
Aggressive Scale-Out
The Cloud NGFW resource scales out by adding more Security Processing VM
instances when the average of any single scaling dimension reaches a 40% threshold.
This aggressive approach ensures the service can quickly handle sudden increases in
traffic volume and maintain its uptime and performance.
Conservative Scale-In
The Cloud NGFW resource scales in by removing Security Processing VM instances only
when the average of each scaling dimension reaches a 20% threshold. This
conservative approach prevents the service from prematurely removing instances
during minor lulls in traffic, which could cause performance issues if traffic
suddenly increases again. It ensures a stable and consistent level of
performance.
The Cloud NGFW resource leverages its built-in high availability and scales
with your traffic based on multiple dimensions and thresholds as stated below:
Dimension | Default Scale-Out Threshold (for 5 min) | Default Scale-In Threshold (for 8 hours) |
CPU Utilization | 40% | 20% |
Session Utilization | 40% | 20% |
SSL Proxy Session Utilization | 40% | 20% |
Session Throughput (Kbps) | 40% of minimum capacity | 20% of the minimum capacity |
Used SNAT Ports | 40% of available ports per Security Processing Node | 20% of the available ports per Security Processing Node |
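The following Python is an added illustration of the policy described above and in the table; it is not Palo Alto Networks code, and the internals of the Cloud NGFW autoscaler are not published. It models the documented rules: scale out when the 5-minute average of any single dimension reaches 40%, scale in only when the 8-hour average of every dimension is at or below 20%, and never drop below the three-instance floor that the resiliency section describes. The comparison directions (>= for scale-out, <= for scale-in), the metric names, the per-node capacity figures and the sample counters are assumptions constructed for this example.

```python
from dataclasses import dataclass
from statistics import mean

# Default thresholds and floor from the page: out on ANY dimension >= 40% (5-min avg),
# in only when EVERY dimension <= 20% (8-hour avg), never below three instances.
SCALE_OUT_PCT, SCALE_IN_PCT, MIN_INSTANCES = 40.0, 20.0, 3
DIMENSIONS = ("cpu", "sessions", "ssl_proxy_sessions", "throughput", "snat_ports")


@dataclass
class NodeCapacity:
    """Per-node capacities used to normalise raw counters. The values used below
    are constructed for this example, not published Cloud NGFW sizing figures."""
    min_throughput_kbps: float
    snat_ports_per_node: int


def utilization(raw: dict, cap: NodeCapacity) -> dict:
    """Express every dimension as a percentage: CPU and session counters already
    are; throughput is taken relative to minimum capacity and SNAT ports relative
    to the ports available per node, as in the table."""
    return {
        "cpu": raw["cpu_pct"],
        "sessions": raw["session_pct"],
        "ssl_proxy_sessions": raw["ssl_proxy_session_pct"],
        "throughput": 100.0 * raw["throughput_kbps"] / cap.min_throughput_kbps,
        "snat_ports": 100.0 * raw["snat_ports_used"] / cap.snat_ports_per_node,
    }


def window_average(samples: list, cap: NodeCapacity) -> dict:
    """Average utilization per dimension across the samples of one window."""
    utils = [utilization(s, cap) for s in samples]
    return {d: mean(u[d] for u in utils) for d in DIMENSIONS}


def scaling_decision(samples_5m: list, samples_8h: list, cap: NodeCapacity, instances: int) -> str:
    """Return 'scale-out', 'scale-in' or 'hold' under the documented policy."""
    if any(v >= SCALE_OUT_PCT for v in window_average(samples_5m, cap).values()):
        return "scale-out"  # one hot dimension is enough (aggressive scale-out)
    quiet = all(v <= SCALE_IN_PCT for v in window_average(samples_8h, cap).values())
    if quiet and instances > MIN_INSTANCES:
        return "scale-in"   # every dimension quiet for the long window (conservative)
    return "hold"


# Constructed sample: CPU is idle, but SNAT ports sit at 43.75% of the per-node pool,
# which on its own is enough to trigger scale-out.
CAP = NodeCapacity(min_throughput_kbps=500_000, snat_ports_per_node=64_000)
QUIET = {"cpu_pct": 10, "session_pct": 12, "ssl_proxy_session_pct": 5,
         "throughput_kbps": 50_000, "snat_ports_used": 6_400}
SNAT_BUSY = dict(QUIET, snat_ports_used=28_000)
```

Calling `scaling_decision([SNAT_BUSY] * 5, [QUIET] * 96, CAP, instances=3)` returns "scale-out" even though CPU is at 10%, which is the point of the "any single dimension" rule.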
Built-in Resiliency
As discussed in the disaster recovery guide, Palo Alto Networks has built-in
resiliency to recover from Security Processing VM failures and Azure Availability
Zone failures. Cloud NGFW maintains its uptime based on its built-in resiliency
model.
The Cloud NGFW resource offers built-in resiliency within an availability zone in an
Azure region by running a minimum of three Security Processing VM instances
simultaneously in a dedicated Azure Virtual Machine Scale Set (VMSS) for high
availability. In the event of a Security Processing VM instance failure, Cloud NGFW
relies on the VMSS running these instances to recover from the failure. The
fine-grained health check configurations enable the Azure Load Balancer to detect
faults in the Security Processing VM instances and immediately replace them with a
new instance. Since the recovery heuristic is built into the product and does not
require any action from your end, Palo Alto Networks will not notify you about this
event.
The Cloud NGFW resource offers built-in resiliency across Azure availability zones
in an Azure region by having a distinct Virtual Machine Scale Set (VMSS) that
distributes the Security Processing VMs across availability zones in a given region.
In the rare event of a complete Availability Zone failure, the blast radius within
the Cloud NGFW resource is limited to the Security Processing VM instances
provisioned in that specific availability zone. The Cloud NGFW resource remains
intact and protects traffic in other Azure availability zones using the Security
Processing VMs in those zones. If the entire Azure availability zone is down, all
your application workloads in that zone will also be unavailable, and Cloud NGFW will
receive no traffic in that zone. When the Azure availability zone is back up, the
Cloud NGFW resource automatically detects the change and immediately brings up the
instances in that availability zone. Since the recovery heuristic is built into the
product and does not require any action from your end, Palo Alto Networks will not
notify you about this event.
As you deploy your applications across multiple Azure regions to service requests in
an active-active manner, you also deploy the Palo Alto Networks Cloud NGFW resources,
with built-in availability, resiliency, and life-cycle management, in each region to
secure the application traffic. In the rare event of a complete Azure regional
failure, the application workloads and the Cloud NGFW resource in that region will be
down. There is no traffic in the region to secure during this outage. However, your
application workloads in other regions will continue to process application traffic,
and the Cloud NGFW service deployed in those regions will continue to secure traffic,
offering best-in-class security with high availability.