New Features for Virtualized Environments

1. New Features for Virtualized Environments Mike Jacobsen

2. Addressing security challenges in virtualized environments • Provisioning of applications can occur in minutes with frequent changes • Security approvals and configurations may take weeks/months • Dynamic security policies for physical and virtual firewalls that understand VM context are needed • Dynamic Address Groups • Dynamic address objects introduced in 5.0 • Automatically updating firewall object • Single tag support • Dynamic address groups in 6.0 • Supports multiple tags for VM attributes • Increased max of registered IP addresses per object/system • 5.0 dynamic objects convert to new groups • VM Monitoring • No pre-built integrations in 5.0 • Manual scripts using API calls required to update dynamic objects • VM Monitoring in 6.0 • Native integration with VMware vCenter and ESXi as dynamic information sources • Continued support for custom information sources using APIs

3. Dynamic address groups and VM monitoring VMware vCenter or ESXi PAN-OS Dynamic Address Groups 10.5.1.9 PAN-OS Security Policy

4. VM-Series support for Citrix NetScaler SDX • Citrix NetScaler SDX is an open service-delivery platform that consolidates ADC (application delivery controller) and best-in-class network and security services • VM-Series is now supported on Citrix SDX 11500 and 17550 Series • Key use cases: • Multi-tenant cloud deployments to meet individual needs of business unit, application owners, service provider customers • Integrated solution for Citrix XenApp/XenDesktop deployments VM-100, VM-200, VM-300 deployed as guest VMs