VM-Series Plugin 4.0.4
Table of Contents
Expand all | Collapse all
-
-
-
-
- Features Introduced in Zero Touch Provisioning 2.0
- Known Issues in the Zero Touch Provisioning 2.0.4 Release
- Known Issues in the Zero Touch Provisioning 2.0.3 Release
- Known Issues in the Zero Touch Provisioning 2.0.2 Release
- Known Issues in the Zero Touch Provisioning 2.0.1 Release
- Known Issues in the Zero Touch Provisioning 2.0.0 Release
- Limitations
-
-
VM-Series Plugin 4.0.4
The VM-Series plugin 4.0.4 introduces new functionality improve your experience with the
VM-Series firewall and improvements to Google Cloud Platform IPS, powered by Palo
Alto Networks.
Refer to the Compatibility Matrix to correlate this
VM-Series plugin version with a PAN-OS version.
Reduce Maximum Session Count on VM-Series Firewalls
VM-Series firewalls features such as GTP or session resiliency require additional
memory to function. Upon enabling these features, the maximum session count is automatically
reduced by 30%. For example, if you deploy a VM-Series firewall with 9GB of memory,
that firewall has a maximum session count of 600,000 sessions. However, if you
enable session resiliency on that firewall, the maximum session count is reduced to
420,000 sessions.
New VM-Series firewalls deployed with 14GB, 16GB, 18GB, or 20GB now have
the following maximum session values. When GTP or session resiliency is enabled, the
new maximum session counts are reduced by 30%. For example, if you deploy a
VM-Series firewall with 14GB of memory, that firewall has a maximum session count of
1,100,000 sessions. However, if you enable session resiliency on that firewall, the
maximum session count is reduced to 770,000 sessions.
| Memory | Old Maximum Session Count | New Maximum Session Count |
|---|---|---|
| 14GB | 1,200,000 | 1,100,000 |
| 16GB | 1,800,000 | 1,100,000 |
| 18GB | 2,000,000 | 1,200,000 |
| 20GB | 2,800,000 | 1,800,000 |
Additionally, you can manually reduce the maximum session count by a fixed amount as
described in the table below. Use the following CLI command to reduce the maximum
session count by a fixed amount after executing the command and reboot the firewall.
If you enable GTP or session resiliency after executing this command, the session
count will be reduced by an additional 30%. For example, a 12GB VM-Series firewall
supports a maximum session count of 1,000,000. Executing the scale down command
reduces the count to 800,000. After enabling GTP, the count goes to 560,000.
request plugins vm_series set-session-max scale-down
You can reset the default maximum session count value by executing the
following command and rebooting your firewall.
request plugins vm_series set-session-max
default
| Memory | Default Max Sessions | Reduced Max Sessions |
|---|---|---|
| 10GB | 800,000 | 500,000 |
| 12GB | 1,000,000 | 800,000 |
| 24GB | 3,600,000 | 2,500,000 |
| 28GB | 4,400,000 | 2,800,000 |
| 32GB | 5,200,000 | 3,500,000 |
| 36GB | 6,000,000 | 4,500,000 |
| 40GB | 6,800,000 | 5,500,000 |
| 44GB | 7,600,000 | 6,750,000 |
| 48GB | 8,400,000 | 7,000,000 |
| 52GB | 9,200,000 | 8,150,000 |
| 56GB | 10,000,000 | 8,500,000 |
| 64GB | 10,000,000 | 8,250,000 |
| 128GB | 14,000,000 | 10,000,000 |