Virtualization Features

Describes all the exciting new capabilities in PAN-OS® 9.1 for the VM-Series firewall.
The VM-Series firewall running PAN-OS 9.1 requires the VM-Series plugin 1.0.8.
New Virtualization Features
East-West Traffic Inspection with VM-Series Firewall on VMware NSX-T
You can now integrate the VM-Series firewall with VMware NSX-T to provide comprehensive visibility and safe application enablement of all east-west traffic in your NSX-T deployment. When you deploy the VM-Series firewall as part of a service chain in a Host Based (per ESXi host) or Clustered (as part of an ESXi service cluster) NSX-T managed cloud environment, you can inspect and secure lateral traffic between virtual machines in the data center and implement micro-segmentation.
Performance Improvements for C5/M5 Instances on AWS
VM-Series firewalls deployed on C5 or M5 instances on AWS that use the Elastic Network Adapter (ENA), now support DPDK. With DPDK, VM-Series firewalls provide higher throughput performance for use cases in manual or managed firewall deployments and elastic scale out deployments. The range of instance sizes in the C5 or M5 instance family that support these use cases include 5.xlarge to m5.4xlarge, and c5.18xlarge. DPDK is disabled by default on the VM-Series on AWS, and you must enable it upon upgrade.
Support for DPDK on Cisco ENCS
For faster packet processing, the VM-Series firewall running on Cisco Enterprise Network Compute System (ENCS) supports DPDK on Cisco 5400 ENCS appliances with the NFVIS 3.10.x and 3.12.x.
Support for DPDK on VM-Series on Azure
DPDK support for VM-Series firewall instances on Azure with Azure Accelerated Networking (AN) enables higher throughput. This is achieved with a design change for efficiently processing packets as they pass from the Azure network fabric to the VM-Series firewall.

Recommended For You