New Features for Virtualized Environments Mike Jacobsen Addressing

  • Slides: 4
Download presentation
New Features for Virtualized Environments Mike Jacobsen

New Features for Virtualized Environments Mike Jacobsen

Addressing security challenges in virtualized environments § Provisioning of applications can occur in minutes

Addressing security challenges in virtualized environments § Provisioning of applications can occur in minutes with frequent changes § Security approvals and configurations may take weeks/months § Dynamic security policies for physical and virtual firewalls that understand VM context are needed Dynamic Address Groups VM Monitoring • Dynamic address objects introduced in 5. 0 • Automatically updating firewall object • Single tag support • No pre-built integrations in 5. 0 • Manual scripts using API calls required to update dynamic objects • Dynamic address groups in 6. 0 • Supports multiple tags for VM attributes • Increased max of registered IP addresses per object/system • 5. 0 dynamic objects convert to new groups • VM Monitoring in 6. 0 • Native integration with VMware v. Center and ESXi as dynamic information sources • Continued support for custom information sources using APIs 2 | © 2014, Palo Alto Networks. Confidential and Proprietary.

Dynamic address groups and VM monitoring VMware v. Center or ESXi PAN-OS Dynamic Address

Dynamic address groups and VM monitoring VMware v. Center or ESXi PAN-OS Dynamic Address Groups Name IP Guest OS Container web-sjc-01 10. 1. 1. 2 Ubuntu 12. 04 Web sp-sjc-04 10. 1. 5. 4 Win 2008 R 2 Share. Point web-sjc-02 10. 1. 1. 3 Ubuntu 12. 04 Web exch-mia-03 10. 4. 2. 2 Win 2008 R 2 Exchange exch-dfw-03 10. 4. 2. 3 Win 2008 R 2 Exchange sp-mia-07 10. 1. 5. 8 Win 2008 R 2 Share. Point db-mia-01 10. 5. 1. 5 Ubuntu 12. 04 My. SQL db-dfw-02 10. 5. 1. 2 Ubuntu 12. 04 My. SQL db-mia-05 10. 5. 1. 9 Ubuntu 12. 04 My. SQL Name Tags Addresses Share. Point Servers Share. Point Win 2008 R 2 “sp” 10. 1. 5. 4 10. 1. 5. 8 My. SQL Servers My. SQL Ubuntu 12. 04 “db” 10. 5. 1. 5 10. 5. 1. 2 10. 5. 1. 9 Miami DC “mia” 10. 4. 2. 2 10. 1. 5. 8 10. 5. 1. 5 San Jose Linux Web Servers “sjc” “web” Ubuntu 12. 04 10. 1. 1. 2 10. 1. 1. 3 PAN-OS Security Policy 3 | © 2014, Palo Alto Networks. Confidential and Proprietary. Source Destination Action San Jose Linux Web Servers Share. Point Servers ✔ My. SQL Servers Miami DC

VM-Series support for Citrix Net. Scaler SDX VM-100, VM-200, VM-300 deployed as guest VMs

VM-Series support for Citrix Net. Scaler SDX VM-100, VM-200, VM-300 deployed as guest VMs • Citrix Net. Scaler SDX is an open service-delivery platform that consolidates ADC (application delivery controller) and best-in-class network and security services • VM-Series is now supported on Citrix SDX 11500 and 17550 Series • Key use cases: • Multi-tenant cloud deployments to meet individual needs of business unit, application owners, service provider customers • Integrated solution for Citrix Xen. App/Xen. Desktop deployments 4 | © 2014, Palo Alto Networks. Confidential and Proprietary.