Auto Scale Model
Manage your network configuration, bootstrap definitions, and VM-Series images using
the autoscale feature of the VM-Series firewall.
| Where Can I Use This? | What Do I Need? |
|---|
- Google Cloud Platform (GCP)
|
- VM-Series License (PAYG or BYOL)
- VM-Series plugin
- Panorama
- Panorama plugin for GCP
|
In the autoscale model, VM-Series are deployed to a zonal or regional managed
instance group (MIG). The MIG references an instance template which defines the
VM-Series networking configuration, bootstrap definitions, and the VM-Series image.
Therefore, all of the firewalls within the MIG are identical and are managed as a single
entity using Panorama or Strata Cloud Manager. Lastly, the MIG can be set as the backend
service of Google Cloud’s
Passthrough Network Load Balancer (NLB),
enabling traffic distribution among the VM-Series dataplane interfaces.
The autoscale model provides is best for environments requiring the following:
For more Information, see:
Session Resiliency with Autoscale Model
Session resiliency across the VM-Series MIG can be achieved by leveraging
Memorystore for Redis within GCP. Once configured, the Redis database synchronizes
sessions across all operational firewalls within the MIG. In the event of a firewall
or zone failure, the passthrough network load balancers transfer sessions from the
failed firewall to any available firewalls within the MIG, thus maintaining session
continuity.
It is recommended to deploy VM-Series using the session resiliency brings
you the following benefits:
Cost optimization, scalability, and simplified upgrading through a
scale-out architecture.
Session Continuity in case of an NGFW’s failure.
The clustering in the cloud mode of VM-Series deployment is
supported on PAN-OS version 11.1 and above only.
Network Load Balancer only syncs the sessions with the
Redis database. The NGFW NAT tables are not synced.
