Palo Alto VM series Virtual firewall review

Organizations are quickly adopting multi-cloud architectures to spread out the risk risk take advantage of different cloud vendors. The Palo Alto VM series ensures your applications and data are protected across public clouds, virtualized data centers, and NFV deployments.

To protect your virtualized applications, workloads, and data, your organization needs cloud security that addresses significant challenges like data loss risks and business disruption. The Palo Alto VM series does this in several ways. It uses the application identity to enable segmentation and allow listing. Plus, it controls resource access based on need and user identity. It also prevents malware from gaining access and moving laterally from workload to workload. And, it simplifies management. It can be fully automated to minimize friction and security policy lag as virtual workloads change.

The Palo Alto VM series virtual firewalls support the same security and advanced threat prevention features in the hardware firewalls. This allows you to protect your applications and data from the network to the cloud.

The VM-Series has been designed to deliver up to 16 Gbps of App-ID-enabled firewall performance. It offers five models. They are VM-50/VM-50 Lite, VM-100/VM-300, and VM-500/VM700.

VM-50/VM-50 Lite

VM-50 is designed to consume minimal resources and support CPU oversubscription. Still, it delivers up to 200 Mbps of App-ID-enabled firewall performance. And that’s for scenarios ranging from virtual branch office/customer premises equipment to high-density, multi-tenant environments.

VM-100 and VM-300

These are optimized to deliver 2 Gbps and 4 Gbps of App-ID-enabled performance, respectively, for hybrid cloud, segmentation, and internet gateway use cases.

VM-500 and VM-700

The VM-500 and VM-700 are able to deliver 8 Gbps and 16 Gbps of App-ID-enabled firewall performance, respectively. You can deploy it as NFV security components in virtualized data center and service provider environments.

Key features of the Palo Alto VM series

The abundant automation features and centralized management allow you to embed security in your application development process. This ensures security can keep pace with the speed of the cloud. For example, the VM-Series provides application visibility across all ports. As a result, you have far more relevant information about your cloud environment. And that helps you make rapid, informed policy decisions.

And today’s cyberthreats often compromise an individual user, and then move laterally across your network. Palo Alto’s segmentation and allow listing policies let you to control applications communicating across different subnets. And you can block lateral threat movement and achieve regulatory compliance.

Attacks can use any port, rendering traditional prevention mechanisms ineffective. So another important feature of the VM-Series is that it allows native integration with their cloud-delivered subscription services such as Threat Prevention, DNS Security, and WildFire®. This will apply application-specific policies that block exploits, prevent malware, and stop unknown threats in their tracks.

And Panorama™ provides centralized network security management. VM-Series firewalls can be run across multiple cloud systems, along with physical security appliances. This ensures policy consistency and cohesion. Detailed logging/reporting provides visibility into applications, users, and content.


You won’t find much difference between the hardware firewalls and VM series in terms of functionality. You’ll get the same level of performance and also be able to use the same PAN OS features. Palo Alto VM also has the advantages over hardware of easy installation and deployment. Plus, there’s no physical wiring, easy backup, and easy recovery. You’ll also like its support of various hypervisors as well as cloud integration. And, of course, it’s supremely scalable.

There’s a great deal to like about the Palo Alto VM series, and we’d love to tell you more about it. So, why not give us a call at 877-449-0458, or reach out at [email protected]? Thanks for reading!

The Palo Alto VM series At-A-Glance

Total Firewall Throughput from 200 Mbps to up to 16 Gbps
From 250 to 8,000 IPsec VPN Tunnels (for VM-50 and VM-700 respectively)
From 250 to 12,000 SSL VPN Tunnels (for VM-50 and VM-700 respectively)
Application visibility for informed security decisions