Learn how to configure the Azure plugin on Panorama to
manage VM-Series firewalls in AKS deployments.
To secure Azure Kubernetes services, you must first
install the Azure plugin on Panorama and configure an Azure auto scaling deployment.
The Azure plugin for Panorama supports tag-based VM monitoring and auto scaling,
secures inbound traffic for Azure Kubernetes Services (AKS) clusters,
and monitors outbound traffic from AKS clusters. The auto scaling
templates allow you to leverage Azure auto scale metrics and the
scale-in and scale-out thresholds to manage surges in demand for application
workload resources by independently scaling the VM-Series firewalls.
Palo Alto Networks provides an AKS template that deploys
an Azure Kubernetes Service (AKS) cluster in a new Azure VNet. The
Azure plugin on Panorama helps you set up a connection which can
monitor Azure Kubernetes cluster workloads, harvesting services
you have annotated as “internal load balancer” and creating tags you
can use in dynamic address groups.
You can leverage Panorama dynamic address groups to apply security
policy on inbound traffic routed to services running on your AKS