Supported Deployments on Google Cloud Platform
Review basic topologies supported on Google® Cloud Platform (GCP™).
You can deploy the VM-Series firewall on a Google® Compute Engine instance in a network in your virtual private cloud (VPC). The deployment types are:
Deploy a VM-Series firewall as an internet gateway.
The VM-Series firewall secures North/South traffic to and from the internet to protect applications from known and unknown threats. A Google project can have up to five VPC networks. For a typical example of an internet gateway, refer to the Google configuration examples.
In public cloud environments, it is a common practice to use a scale-out architecture (see the figure below) rather than larger, higher performing VMs. This architecture (sometimes called a sandwich deployment) avoids a single point of failure and enables you to add or remove firewalls as needed.
Deploy a VM-Series firewall as a segmentation gateway.
A segmentation gateway secures East/West traffic between virtual private clouds (VPCs) to ensure data protection compliance and application access. The following figure shows a firewall securing both North/South and East/West traffic.
Hybrid IPSec VPN
Deploy a VM-Series firewall as a VPN termination point between an on-premises data center and a virtual private cloud (VPC), or place the firewall behind a VPN gateway.
The VM-Series firewall serves as an IPSec VPN termination point, which enables secure communications to and from applications hosted on Google Cloud Platform (GCP).
The deployment in the figure below shows a site-to-site VPN from an on-premises network to a VM-Series firewall deployed on GCP and an IPSec connection from an on-premises network to a Google Cloud VPN gateway.
Set Up the VM-Series Firewall on Google Cloud Platform
Deploy the VM-Series Firewall on a Google Cloud Engine instance. ...
Management Interface Swap for Google Cloud Platform Load Balancing
Learn about management interface swap for Google Compute Engine. ...
Virtualization Features VM-50 Lite Integration with Azure Security Center View high-priority firewall logs as security alerts on the Azure Security Center dashboard with the default ...
About the VM-Series Firewall on Google Cloud Platform
Prepare to deploy a VM-Series firewall on a Google® Compute Engine instance. ...
VM-Series Firewall on Google Cloud Platform
Deploy the VM-Series firewall from Google Cloud Platform Marketplace, enable Google Stackdriver monitoring, and enable VM-Series firewalls to monitoring Google Compute Engine instances. ...
VM-Series Deployments The VM-Series firewall can be deployed on the following platforms: VM-Series for VMware vSphere Hypervisor (ESXi) and vCloud Air You can deploy any ...
Secure Kubernetes Services in a Google Kubernetes Engine Cluster
To secure north-south traffic for k8s, deploy the VM-Series firewalls in an instance group and configure the GCP plugin on Panorama to learn the internet-facing ...
Set up the VM-Series Firewall on Azure
Set up the VM-Series Firewall on Azure VM-Series firewall on Azure brings the security features of Palo Alto Networks next generation firewall as a virtual ...
Switch Between the BYOL and the PAYG Licenses
Switch Between the BYOL and the PAYG Licenses The VM-Series firewall cannot be converted between the BYOL and PAYG licensing options. If you have already ...