>
    Virtualization Features
    Focus
    Download PDF
    Focus
    1. Home
    2. Next-Generation Firewall
    3. Features Introduced in PAN-OS 12.1
    4. Virtualization Features
    Download PDF
    Next-Generation Firewall

    Virtualization Features

    Table of Contents

    Virtualization Features

    Describes all the exciting new capabilities in PAN-OS® 12.1 for the VM-Series and CN-Series firewall

    Secure Boot Support for VM-Series on Google Cloud Platform (GCP)

    August 2025
    • Introduced in VM-Series on Google Cloud Platform (GCP) with PAN-OS 12.1.2
    The VM-Series firewall on Google Cloud Platform (GCP) now supports Secure Boot, providing an added layer of protection against low-level threats like rootkits and bootkits. Secure Boot ensures only trusted software components are loaded during the boot process and safeguards against malicious code injection and unauthorized modifications. This feature establishes a reliable chain of trust to maintain the integrity and authenticity of your VM-Series instances leveraging the Unified Extensible Firmware Interface (UEFI) and cryptographic signatures.
    Secure Boot support is available only for fresh installations of VM-Series with PAN-OS version 12.1 or later. Secure Boot will not be enabled for upgraded VM-Series models. For downgrades, you must disable Secure Boot in the GCP Console and restart the instance before proceeding.

    Hyperscale Security Fabric

    August 2025
    • Introduced in PAN-OS 12.1.2
    Organizations increasingly require scalable, elastic, and/or resilient firewalls delivered in a virtual form factor. Extensive public and private cloud infrastructures necessitate dynamic scaling, high-throughput protection, and session resiliency to guarantee business continuity and adapting to the organization's operational pace.
    The Hyperscale Security Fabric (HSF) is an innovative solution designed to address the scalability and performance needs of organisations through its Gateway nodes and auto-scaling DP nodes. HSF eliminates the need for third-party external load balancing by deploying AI-Gateways as fixed capacity NGFWs that both inspect and also load balance to the dynamically scaling DP nodes behind them. You can efficiently manage your network security as your data center grows and achieve high throughput capabilities of around 100 Gbps using 4 AI-Gateways and scale to over 200 Gbps with additional AI-DP instances (up to a maximum of 6).
    HSF supports the following:
    • Session resiliency with session failover to healthy firewall instances.
    • Auto-scaling based on session utilization. You can configure auto-scale parameters to dynamically adjust the number of AI-DP instances based on traffic demands.
    • Simplified and automated deployment through Software Orchestration Panorama plugin.
    • Rolling upgrades with rollback support, ensuring minimal disruption during maintenance.
    • Monitoring and visibility to view the firewall cluster as a single entity within Panorama.
    • Customer-facing APIs and CLIs for querying individual firewall member status and performance metrics.

    © 2025 Palo Alto Networks, Inc. All rights reserved.