VM-Series
Deployment
Guide
55
Set Up a VM-Series NSX Edition Firewall
VM-Series NSX Edition Firewall Overview
What are the Benefits of the NSX Edition Solution?
The NSX edition of the VM-Series firewall is focused on securing east-west communication in the
software-defined datacenter. Deploying the firewall has the following benefits:
Automated Deployment
—The NSX Manager automates the process of delivering next-generation firewall
security services and the VM-Series firewall allows for transparent security enforcement. When a new ESXi
host is added to a cluster, a new VM-Series firewall is automatically deployed, provisioned and available for
immediate policy enforcement without any manual intervention. The automated workflow allows you to
keep pace with the virtual machine deployments in your datacenter. The hypervisor mode on the firewall
removes the need to reconfigure the ports/ vswitches/ network topology; because each ESXi host has an
instance of the firewall, the traffic does not need to traverse the network or be backhauled for inspection and
consistent enforcement of policies.
Tighter Integration Between Virtual Environment and Security Enforcement for Dynamic
Security
—Dynamic Address Groups maintain awareness of changes in the virtual machines/applications
and ensure that security policy stays in tandem with the changes in the network. This awareness provides
visibility and protection of applications in an agile environment.
Sturdier Centralized Management
—The firewalls deployed using this solution are licensed and managed
by Panorama, the Palo Alto Networks central management tool. Using Panorama to manage both the
perimeter and datacenter firewalls (the hardware-based and virtual firewalls) allows you to centralize policy
management and maintain agility and consistency in policy enforcement throughout the network.
In summary, this solution ensures that the dynamic nature of the virtual network is secured with minimal
administrative overhead. You can successfully deploy applications with greater speed, efficiency, and security.