1. Home
    2. VM-Series
    3. VM-Series Deployment Guide
    4. Set up the VM-Series Firewall on Azure
    5. About the VM-Series Firewall on Azure
    6. Minimum System Requirements for the VM-Series on Azure
    End-of-Life (EoL)

    Minimum System Requirements for the VM-Series on Azure

    You must deploy the VM-Series firewall in the Azure Resource Manager (ARM) mode only; the classic mode (Service Management based deployments) is not supported. The VM-Series firewall on Azure must meet the following requirements:
    • Azure Linux VMs of the following types:
      • Standard_D3_v2 (default)
      • Standard_D4_v2
      • Standard_D5_v2
      • Standard_D4_v3
      • Standard_D16_v3
      • Standard_DS3_v2
      • Standard_DS4_v2
      • Standard_DS5_v2
    • For memory, disk and CPU cores required to deploy the VM-Series firewall, see VM-Series System Requirements.
      You can add additional disk space of 40GB to 8TB for logging purposes. The VM-Series firewall does not utilize the temporary disk that Azure provides.
    • Up to seven network interfaces (NICs). A primary interface is required for management access and up to six interfaces for data traffic.
      On Azure, because a virtual machine does not require a network interface in each subnet, you can set up the VM-Series firewall with just two network interfaces (one for management traffic and one for dataplane traffic). To create zone-based policy rules on the firewall, in addition to the management interface, you need at least two dataplane interfaces so that you can assign one dataplane interface to the
      trust
       zone, and the other dataplane interface to the
      untrust
       zone.
      Because the Azure VNet is a Layer 3 network, the VM-Series firewall on Azure supports Layer 3 interfaces only.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo