Virtualization Features
Focus
Focus

Virtualization Features

Table of Contents
End-of-Life (EoL)

Virtualization Features

Describes all the exciting new capabilities in PAN-OS® 11.0 for the VM-Series and CN-Series firewall.
New Virtualization FeatureDescription
Hyperscale Security Fabric (HSF) 1.0 on CN-Series
With CN-Series Hyperscale Security Fabric (HSF) 1.0, you can now create a cluster of containerized next-gen firewalls that deliver a highly scalable and resilient next-gen firewall solution, eliminating the dependency on external load balancers for Mobile Service Providers deploying 5G networks.
Advanced Routing Engine Support on CN-Series
The Advanced Routing Engine is now supported on the CN-Series.
Key Management Service (KMS) Support for VM-Series
This release enables cloud native key managers, Azure Key Vault and AWS Secrets Manager, to store certificates for VM-Series firewalls.
Software Cut-through Based Offload on Software Firewalls
You can now configure software cut-through based offload on the VM-Series and CN-Series firewall.
With the software cut-through based Intelligent Traffic Offload (ITO) service, the CN-Series firewall eliminates the tradeoff between network performance, security, and cost. The software cut-through based offload supports the GTP-U tunnel protocol. In the CN-Series, only the CN-Series as a Kubernetes CNF mode of deployment supports software cut-through based ITO. For more information, see Software Cut-through Based Offload on CN-Series Firewall.