Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More

Palo Alto Networks today unveiled a new cloud next-generation firewall (NGFW) service — developed with Amazon Web Services for the AWS cloud. It aims to provide “best-in-class network security” delivered with the simplicity of a native AWS service, an executive at the cybersecurity vendor told VentureBeat.

The new Palo Alto Networks Cloud NGFW for AWS is the first cloud network security solution to offer a combination of both of those elements, whereby “customers no longer need to choose” between the two, said Anand Oswal, senior vice president for network security at Palo Alto Networks.

Until now, customers who prioritized easy deployment typically would have to settle for basic cloud network security. Because in order to get the highest-caliber security capabilities — such with Palo Alto Networks’ VM-Series NGFW for AWS — it was not possible to get the simplicity around deployment and scaling that is associated with Amazon cloud services.

For instance, customers could acquire the VM-Series NGFW from the AWS Marketplace, install and configure the next-gen firewall and manage it themselves. But for some customers, that proves to be a complex task.


Transform 2023

Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.


Register Now

The Palo Alto Networks Cloud NGFW for AWS, on the other hand, is “not only best-in-class and can stop these zero days and sophisticated threats — but it’s also easy to deploy and scale like other native AWS services,” Oswal said. “You get the best of both.”

Fully managed

Along with easy procurement via the AWS Marketplace — followed by setup and integration with other AWS services “within a few clicks,” he said — the new Cloud NGFW is a fully managed cloud service, according to Palo Alto Networks. That means that customers are not responsible for any updating or management of the infrastructure, with the next-gen firewall benefiting from elastic scaling and high availability via the AWS Gateway Load Balancer, the company said.

Concerning security, key capabilities for the Cloud NGFW for AWS include advanced URL filtering, which leverages deep learning to block zero-day threats in real time. Other features include threat prevention to stop malware, command-and-control communications and exploits of known vulnerabilities — as well as App-ID traffic classification to limit the risk of an attack.

Automation capabilities, meanwhile, include support for API, AWS CloudFormation and HashiCorp Terraform templates, according to Palo Alto Networks. “You can really have the automation capabilities because it’s a cloud-native service, just like any other AWS service,” Oswal said.

This native experience also means that Cloud NGFW for AWS is integrated with AWS Firewall Manager — which enables consistent management of firewall policies for those using multiple accounts and virtual private clouds (VPCs) on AWS, according to Palo Alto Networks. The Cloud NGFW is the first security service to be integrated natively with AWS Firewall Manager, Oswal said.

“You can write one policy, and secure all your AWS accounts and VPCs,” he said. “So it really helps customers scale.”

Cloud-native surge

The debut of Palo Alto Networks’ Cloud NGFW for AWS comes as cloud adoption continues to increase. Gartner has forecast that by 2025, 85% of companies will embrace a “cloud-first” approach to drive their digital strategies. And when it comes to new digital workloads, 95% will be deployed on cloud-native platforms by that time — compared to 30% in 2021, according to the research firm.

Among the other largest public cloud platforms, Google Cloud also has a cloud-native network security offering developed with Palo Alto Networks. That offering, Cloud IDS, launched in December — but it is a Google Cloud offering rather than a Palo Alto Networks service.

AWS continues to maintain its lead in market share for cloud infrastructure services (at 33%), according to Synergy Research Group, followed by Microsoft Azure at No. 2 (with 21% market share) and Google Cloud at No. 3 (with 10% of the market). All three of the biggest public cloud platforms have been investing heavily to launch new native security offerings in recent years, the companies have seaprately reported.

In a news release, Stephen Orban, vice president for AWS Marketplace and control services at AWS, said the cloud platform has “worked closely” with Palo Alto Networks over the past year to develop the new Cloud NGFW service.

Ultimately, the new Palo Alto Networks Cloud NGFW stands out from other cloud network security offerings because “it’s a cloud-native service integrated seamlessly into AWS,” Oswal said.

Thus, in addition to advanced protection, “you get the simplicity of the public cloud,” he said. “It really makes it easy to scale network security.”

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.