VM-Series Performance & Capacity
    : VM-Series on Amazon Web Services Performance and Capacity
    Focus
    Download PDF
    Focus
    1. Home
    2. VM-Series
    3. VM-Series Performance & Capacity
    4. VM-Series Performance and Capacity on Public Clouds
    5. VM-Series on Amazon Web Services Performance and Capacity
    Download PDF

    VM-Series Performance & Capacity

    VM-Series on Amazon Web Services Performance and Capacity

    Table of Contents
    End-of-Life (EoL)

    VM-Series on Amazon Web Services Performance and Capacity

    Many factors, such as AWS instance size, maximum packets per second supported, number of cores used, and AWS placement group, can affect performance.
    We recommend additional testing within your environment to ensure that you meet your performance and capacity requirements. For a complete listing of all VM-Series features and capacities, see compare VM-Series firewalls. The performance and capacities listed in the following table have been generated under these test conditions:
    • Recommended AWS Instance types (c5/m5/c5n/m5n) and sizes that use the AWS Nitro Hypervisor with Enhanced Networking Adapter (ENA). Additionally, SR-IOV and DPDK are enabled and AWS placement groups are configured.
    • Firewall throughput is measured with App-ID™ technology features enabled utilizing 64 KB HTTP 1.1 transactions.
    • IPsec VPN is measured with App-ID™ enabled and performance is tested between a pair of VM-Series firewall instances in a placement group deployed within the same availability zone and region. The performance will vary based on AWS instance type and connectivity topology (for example, connecting from on-premises hardware to VM-Series on AWS, or from VM-Series in an AWS VPC to an AWS VGW in another VPC, or VM-Series to VM-Series across regions).
    • Threat Prevention throughput is measured with App-ID, User-ID, IPS, antivirus, and anti-spyware features enabled, utilizing 64 KB HTTP 1.1 transactions.
    Model VM-50 / VM-50 Lite*VM-100VM-300VM-500 VM-700
    AWS instance size tested (recommended**)N/Am5.xlarge m5.xlarge m5.2xlargem5.4xlarge
    Firewall throughput (App-ID enabled)N/A 2.1 Gbps 4.3 Gbps 9.0 Gbps 10.2 Gbps
    Threat Prevention throughput N/A1.0 Gbps1.9 Gbps 4.1 Gbps 7.8 Gbps
    IPsec VPN throughput*** N/A 0.9 Gbps 1.6 Gbps3.0 Gbps 3.3 Gbps
    *The VM-50 and VM-50 Lite are not supported on AWS. See VM-Series on AWS Instances.
    **Refers to recommended AWS instance size of a supported AWS instance type based on CPU cores, memory, network interfaces and pricing. For example, m5.xlarge instance (with 2 vCPUs, 16GB memory, 4ENIs at its price is recommended to support VM-300 model for a range of common use cases.
    ***IPsec VPN Throughput is tested on the VM-100 with 1 tunnel, VM-300 with 2 tunnels, VM-500 with 6 tunnels, and VM-700 with 12 tunnels.

    © 2024 Palo Alto Networks, Inc. All rights reserved.