Sold by: Palo Alto Networks
Deployed on AWS
Free Trial
The VM-Series next-generation firewall allows developers and cloud security architects to embed inline threat and data theft prevention into their application development workflows. Native AWS services combined with VM-Series automation features allow you to create "touchless" deployments.
Overview
IMPORTANT: This listing will be restricted starting from 05/11. Please consider using https://aws.amazon.com/marketplace/pp/B083M7JPKB instead.
The VM-Series next-generation firewall allows developers and cloud security architects to embed inline threat and data loss prevention into their application development workflows. Your applications and data are protected with whitelisting and segmentation policies that are dynamically updated based on AWS tags, allowing you to reduce the attack surface area and achieve compliance. Additionally, threat prevention policies can stop both known and unknown attacks.
Bundle 1 includes Threat Prevention (IDS/IPS) subscription, Advanced Threat Prevention Subscription and Premium Support. Panorama (available separately in Marketplace) allows the VM-Series to be managed centrally alongside our firewall appliances to maintain security policy that is consistent with on-premises environments.
Note: With PAN-OS 9.0.3.xfr and 9.1.0, VM-Series now supports DPDK on the C5 and M5 instances to efficiently process traffic and offer increased performance. If you are switching your VM-Series to C5/M5, we recommend you to migrate the configuration from the old instance to the new C5/M5 instance.
Highlights
- An AWS Network Competency and Security Competency approved solution that complements native AWS security with real-time threat and data theft prevention
- Dynamic and large scale deployments can be protected using AWS Auto Scaling/ELB integration and Transit VPC with AWS Transit Gateway
- Amazon GuardDuty and AWS Security Hub integration enables the VM-Series to automatically block potentially malicious activity.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux PAN-OS 8.1.25-h1
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 15 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
m5.xlarge Recommended | $0.87 |
m4.xlarge | $0.87 |
c5n.9xlarge | $0.87 |
m5.12xlarge | $0.87 |
m3.xlarge | $0.87 |
m5.24xlarge | $0.87 |
m5n.xlarge | $0.87 |
m3.2xlarge | $0.87 |
m5n.2xlarge | $0.87 |
m4.2xlarge | $0.87 |
Vendor refund policy
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
See documentation for detailed steps to set admin password before using the web interface of VM-Series. Once the instance is running, connect to it using a SSH client with the private key file used to launch the instance. For example: ssh -i <privatekey.pem> admin@<EIP or private IP of eth0> Then use the PAN-OS CLI commands "configure", "set mgt-config users admin password" and "commit" commands to set the password.
Support
Vendor support
Premium support is available as part of this offering once the VM-Series firewall has been deployed and configured. To help you get started, how-to videos, deployment guides, reference architectures and discussion forums are available on our VM-Series on AWS resource page. The resource page will also allow you to register your firewall and contact support 24/7 in the event that you encounter critical or complex issues once the deployment has completed. http://live.paloaltonetworks.com/aws
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Palo Alto Networks
By Forcepoint
By Check Point Software Technologies
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Traffic Inspection
Advanced intrusion detection and prevention system with inline threat prevention capabilities
Cloud Security Automation
Dynamic policy updates based on AWS tags for automated security segmentation
Threat Prevention Technology
Capability to stop both known and unknown attacks using advanced prevention mechanisms
Performance Optimization
DPDK support on C5 and M5 instances for efficient traffic processing and increased performance
Security Integration
Native integration with Amazon GuardDuty and AWS Security Hub for automated threat blocking
Network Virtualization
Secure virtual private network (VPN) gateway for connecting remote sites and branch offices
Advanced Threat Protection
Dynamic security controls with application layer exfiltration security and advanced evasion techniques (AETs) identification
Intrusion Prevention
Integrated advanced Intrusion Prevention System (IPS) with capability to stop Advanced Evasion Techniques
Security Policy Management
Centralized policy configuration with global update capabilities across network infrastructure
Malware Detection
Sandboxing technology for identifying zero-day attacks and advanced malware
Network Traffic Inspection
Inspects traffic entering and exiting private subnets in VPC ("North-South") and between VPCs ("East-West")
Advanced Threat Prevention
Provides multi-layered security capabilities including firewall, IPS, threat emulation, and threat extraction with advanced catch rates
Cloud Infrastructure Integration
Supports infrastructure-as-code tools like Terraform and Ansible, dynamically adapts security policies based on cloud metadata
Security Protocol Coverage
Comprehensive security features including Data Loss Prevention, application control, IPsec VPN, URL filtering, antivirus, and anti-Bot protection
Cloud Service Compatibility
Integrates with AWS services including Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, and AWS Transit Gateway
Standard contract
No
No
No
Customer reviews
4.4
4 ratings
4 AWS reviews
|
183 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Cristian C.
Strong firewall with good visibility but setup can be complex
Reviewed on Aug 25, 2025
Review provided by G2
What do you like best about the product?
The most valuable feature is the level of visibility into network traffic. It makes it much easier to identify threats and manage applications compared to traditional firewalls. The policy management is flexible, and the reporting tools give our team useful insights into potential risks. Integration with cloud environments is also a big advantage, since it allows us to apply consistent security policies across on-premises and cloud workloads.
What do you dislike about the product?
The initial deployment process was more challenging than expected, and the learning curve for new administrators is steep. While the product is powerful, configuring policies correctly can take time and sometimes requires additional training. Support is generally good but can be slow during peak hours. Pricing is also on the higher side, which may be a concern for smaller organizations.
What problems is the product solving and how is that benefiting you?
Palo Alto Networks NGFW helps us centralize network security and reduce gaps between different tools. Before using it, managing firewalls and intrusion detection separately created extra work and slowed down compliance checks. Now, we can enforce consistent security policies across on-premises and cloud environments, respond faster to threats, and get better visibility into network traffic. It has reduced manual tasks and improved overall confidence in our security posture. At the same time, configuring complex policies can take time, and pricing can be challenging for growing organizations, so there’s room for improvement.
Uday R.
Reliable, Secure, and Intelligent Firewall Solution
Reviewed on Aug 19, 2025
Review provided by G2
What do you like best about the product?
The best part about Palo Alto Networks Next-Generation Firewalls is their ability to provide deep visibility and control over network traffic without compromising performance. The user interface is intuitive, and the integration with threat intelligence ensures that the firewall can detect and prevent both known and emerging threats in real time.
What do you dislike about the product?
The initial setup and configuration can be complex, especially for administrators who are new to the platform. The learning curve is somewhat steep, and fine-tuning security policies requires time and expertise. Licensing can also feel a bit confusing, as different features often require separate subscriptions.
What problems is the product solving and how is that benefiting you?
Palo Alto Networks Next-Generation Firewalls are helping us prevent advanced threats, control applications, and secure remote access for users across different locations. They provide deep visibility into traffic, which makes it easier to detect and stop malicious activity before it impacts operations. The granular policies reduce risks, improve compliance, and save time for the IT team by simplifying management through centralized monitoring. Overall, it has strengthened our security posture while keeping network performance stable.
Devansh S.
Palo Alto Networks Next-Generation Firewalls
Reviewed on Aug 18, 2025
Review provided by G2
What do you like best about the product?
Palo Alto Networks Next-Generation Firewalls are excellent for their advanced threat prevention, providing superior visibility and control over applications, users, and content. Their unique App-ID, User-ID, and Content-ID technologies enable highly granular and effective security policies. This comprehensive approach, combined with features like WildFire for zero-day threat analysis, significantly enhances an organization's overall security posture.
What do you dislike about the product?
While Palo Alto Networks' Next-Generation Firewalls offer strong security, their primary drawbacks are often cited as high cost and complexity. The extensive features and advanced capabilities come with a steep learning curve and expensive licensing, which can be prohibitive for smaller organizations. Additionally, some users have reported issues with performance degradation when enabling all advanced security features and have noted that customer support can be inconsistent.
What problems is the product solving and how is that benefiting you?
Palo Alto Networks Next-Generation Firewalls are designed to address the challenges of modern, application-driven networks and sophisticated cyber threats. They solve the problem of limited visibility and control that traditional firewalls have by identifying and controlling traffic based on the application, user, and content, not just IP addresses and ports. This allows for the creation of precise security policies, which directly benefits me by reducing the attack surface, simplifying network management, and providing robust protection against a wide range of threats, including zero-day attacks and malware hidden in encrypted traffic.
Sources
Sources
Parth K.
PCNSE-certified with experience deploying, configuring, and managing Palo Alto NGFWs.
Reviewed on Aug 15, 2025
Review provided by G2
What do you like best about the product?
Palo Alto NGFWs provide exceptional visibility and control over network traffic, seamless integration with security tools, advanced threat prevention, and user-friendly management via Panorama. The App-ID and Content-ID features are incredibly effective at identifying and blocking threats in real time, enhancing overall security posture.
What do you dislike about the product?
While Palo Alto NGFWs deliver top-tier security, initial setup and policy configuration can be complex for beginners. Licensing costs and subscription renewals can also be expensive, and frequent updates may require planned downtime in high-availability environments. Additionally, some advanced features have a steep learning curve.
What problems is the product solving and how is that benefiting you?
Palo Alto NGFWs help prevent advanced threats, stop malware, and control applications with precision. Their App-ID, User-ID, and Threat Prevention features improve network visibility, reduce attack surface, and ensure compliance. This has strengthened our security posture, minimized downtime, and allowed faster, more confident incident response.
VedPrakash M.
Comprehensive Protection with Palo Alto Networks Next-Generation Firewalls
Reviewed on Aug 11, 2025
Review provided by G2
What do you like best about the product?
I like that Palo Alto Networks Next-Generation Firewalls are easy to use, very reliable, and give strong protection against all kinds of cyber threats. They make it simple to see and control what’s happening on the network, which helps keep everything safe.
What do you dislike about the product?
They can be a bit expensive compared to other options, and sometimes setting up advanced features takes extra time and expertise. Updates can also cause brief interruptions if not planned well.ease of integration and customer support
What problems is the product solving and how is that benefiting you?
It protects our network from hackers, viruses, and unwanted traffic. This keeps our data safe, reduces downtime, and gives us peace of mind knowing our systems are secure.