Secure Kubernetes Services on Azure

Learn how to configure the Azure plugin on Panorama to manage VM-Series firewalls in Azure Kubernetes Service (AKS) deployments.
The Azure plugin for Panorama supports tag-based VM monitoring and auto scaling, secures inbound traffic for Azure Kubernetes Service (AKS) clusters, and monitors outbound traffic from AKS clusters. When you deploy the Azure auto scaling templates, you can leverage Azure auto scale metrics and scale-in and scale-out thresholds so that you can automatically scale your VM-Series firewalls to accommodate surges in demand for application workload resources.
The Palo Alto Networks Azure Auto Scaling templates work with Azure services and components to gather information about your network and resources, and create an auto-scaling tier of VM-Series firewalls. The auto-scaling tier provides a network infrastructure you can use to secure your Kubernetes services.
Palo Alto Networks provides an AKS template that deploys an AKS cluster in a new Azure VNet. The Azure plugin on Panorama helps you set up a connection that can monitor Azure Kubernetes cluster workloads, gathering services you have annotated as “internal load balancer” and creating tags you can use in Panorama dynamic address groups. You can leverage Dynamic Address Groups to apply Security policy on inbound traffic routed to services running on your AKS cluster.

Recommended For You