Virtualised Firewalls

Palo Alto Networks VM-Series Virtualised Firewall

The Palo Alto Networks VM-Series features three virtualised next-generation firewall models – the VM-100, VM-200, and VM-300. These platforms are supported on the VMware ESXi 4.1 and ESXi 5.0 platforms. 2, 4, or 8 CPU cores on your virtualised server platforms can be assigned for next-generation firewall processing.

With 4 CPU cores running, the VM-Series delivers up to 1 Gbps firewall throughput with App-ID enabled. To ensure that management is accessible to you during heavy traffic, the data and control plane are separated. In addition, our unique single-pass software architecture processes functions in a single pass to reduce latency.

The VM-Series runs PAN-OSTM, a security-specific operating system that:

  • Safely enables intra-virtual machine traffic
  • Protects you against all known and unknown threats
  • Integrates flexibly in the virtualised environment at layers 1, 2, or 3

Our PAN-OS next-generation firewall capabilities allow you to tie your security policies to virtual machine adds, moves and changes, and to create security policies that instantly sync with virtual workload creation.

VM-300 Overview

virtualised firewalls

  • 250,000 max sessions
  • 2,000 IPSec VPN tunnels/tunnel interfaces
  • 500 SSL VPN Users
  • 40 security zones
  • 5,000 max number of policies
  • 10,000 address objects
  • 1Gbps Firewall Throughput (App-ID enabled)*
  • 600 Mbps Threat Prevention Throughput*
  • 250 Mbps IPSec VPN Throughput*
  • 8,000 New sessions per second*

VM-200 Overview

virtualised firewalls

  • 100,000 max sessions
  • 500 IPSec VPN tunnels/tunnel interfaces
  • 200 SSL VPN Users
  • 20 security zones
  • 2,000 max number of policies
  • 4,000 address objects
  • 1Gbps Firewall Throughput (App-ID enabled)*
  • 600 Mbps Threat Prevention Throughput*
  • 250 Mbps IPSec VPN Throughput*
  • 8,000 New sessions per second*

VM-100 Overview

virtualised firewalls

  • 50,000 max sessions
  • 25 IPSec VPN tunnels/tunnel interfaces
  • 25 SSL VPN Users
  • 10 security zones
  • 250 max number of policies
  • 2,500 address objects
  • 1Gbps Firewall Throughput (App-ID enabled)*
  • 600 Mbps Threat Prevention Throughput*
  • 250 Mbps IPSec VPN Throughput*
  • 8,000 New sessions per second*

*Performance and capacities are measured under ideal testing conditions using PAN-OS 5.0 and 4 CPU cores.


Palo Alto Networks VM-Series Datasheet

The Palo Alto Networks™ VM-Series extends secure application enablement into virtualised environments while addressing key virtualisation security challenges: tracking security policies to virtual machine movement with dynamic address objects and integration with orchestration systems using a powerful XML management API.

Palo Alto Networks Firewall Overview

Palo Alto Networks Next Generation Firewall Overview

Palo Alto Networks Panorama

Panorama provides centralised policy and device management over a network of Palo Alto Networks™ next-generation firewalls.

Quotation Configuration

Your Name (required)

Company (required)

Your Email (required)

Telephone (required)

Number of Users (required)

Number of Connections

Size of each connection:
Connection 1:
Connection 2:
Connection 3:
Connection 4:
Connection 5:

Security Subscriptions

WildfireGlobal ProtectURL FilteringThreat Prevention

Standard Support & Maintenance:
Premium Support & Maintenance:

Additional Comments

Please leave this field empty.

Security Subscription Options


WildFire automatically protects your networks from new and customised malware across a wide range of applications, including malware hidden within SSL-encrypted traffic. WildFire easily extends the threat prevention capabilities of the next-generation firewall to tackle some of the most challenging threats in the world today, and does so with full visibility and enforcement at up to 10Gbps.


GlobalProtect bridges the divide between remote users and the enterprise security policy. First and foremost, GlobalProtect not only provides VPN access to corporate network but also extends enterprise security policy to all users regardless of their location. GlobalProtect frees enterprises from having to deploy different stacks of non-deterministic and inconsistent security solutions like proxy and VPN for their remote users. GlobalProtect connects users to the next-generation firewall to deliver full visibility, control and threat prevention to all enterprise traffic.

URL Filtering

Fully integrated URL filtering database enables granular control over web browsing activity, complementing safe application enablement policies.

Threat Prevention

Fully integrated real-time threat prevention protects enterprise networks from a wide range of threats, complementing the policy-based application visibility and control that the Palo Alto Networks next-generation firewalls deliver.

Support Services Options

Standard Support

Standard customer support and maintenance provides customers with baseline services for maintaining the next-generation firewall. This option includes the following features:

  • New Releases, Product Updates, and Patches: Provides the latest product innovations and bug fixes.
  • Updated Threat Databases: App-ID, URL, vulnerability, and GlobalProtect gateway updates are available for automatic or manual download to your firewalls
  • Online Customer Support Portal: A feature rich platform providing access to product documentation, problem resolution databases, peer-to-peer social interaction, and customer support case management
  • Business Hour Assisted Support: Get access to support engineers for help during normal business hours
  • Hardware Return then Replace Coverage: In the event of hardware failure, return the failed equipment and receive a replacement

Premium Support

Organisations choose premium customer support and maintenance for faster assistance and increased support engineer availability for the most critical issues. This option includes the following features:

  • All Elements of Standard Customer Support and Maintenance are included with this option
  • 24×7 Access to Technical Assistance Centers: Support engineers are available to assist with issues around the clock.
  • Priority Response to Support Inquiries:Whether submitted by phone or online, premium support customers receive priority access to available customer support engineers.
  • Next Business Day Ship Parts and Hardware Replacement: Provides fast turnaround for hardware replacement. For an additional fee, RMA and Hardware Replacement services can be upgraded to 4 Hour Ship, or On Site Spares for immediate replacement of failed hardware.
  • Technical Account Management (Optional):Subscription-based extension of the Premium Support program that provides dedicated customer advocacy for enterprises with unique or complex support requirements. The technical account manager will be familiar with the customer’s specific implementation, acting as a bi-directional communications conduit between Palo Alto Networks and the customer.

Please leave this field empty.

Book Your Palo Alto Networks Demo:

Krome Technologies can provide you with an online or onsite demonstration specifically showing you the fundamentals of Palo Alto Networks solutions, these demonstrations can be tailored to show you whatever you want to review, our consultants can give you a brief overview demonstration or deep dive technically depending on your interest, requirement or specific requests.

Alternatively we can organise for an evaluation unit to be sent to you for an agreed period to run on your own network.

Please note that required fields are highlighted with an asterisks*

Your Name*

Company Name*

Job Title*

Telephone Number*

Email Address*

Mobile Number

Company Address:

Approximate amount of users*:

Additional information or demo specific requests, please indicate if you would like an online demo, or evaluation unit for example:

Once we have received the request, we will endeavor to contact you within 24hours to discuss your demo requirements and schedule a convenient time for your Palo Alto Networks demo or evaluation to take place.




Next-generation firewalls enforce network security policies based on applications, users, and content