Palo Alto Firewall - Specifications

Overview

This part describes the specifications for deploying Palo Alto Firewall.
It is based on Palo Alto VM-Series images and supports single and dual topologies.

Flavors

The available sizes of flavors for this VNF are shown below. These depend on the software versions selected.

Flavors table for Palo Alto Firewall
	Standard	DPDK
Small	2 vCPU 8 GB Mem	2 vCPU 4 GB Mem
Medium	4 vCPU 16 GB Mem	4 vCPU 16 GB Mem
Large	8 vCPU 32 GB Mem	8 vCPU 32 GB Mem

Interfaces

The interfaces available for this VNF are listed below:

Interface 1: Internet Interface - management (with a Public IP).
Interface 2: Internet Interface - access (with a Public IP).
Interface 3: MPLS interface used to connect to Orange MPLS VPN via VLAN sub-interfaces (101 to 108).
For each VLAN sub-interface:
- VPN list (1..99 items):
  - VPN Name
  - VPN role: any-to-any, client, server
- BGP:
  - Enable/Disable BGP
  - AS prepend (integer 1..6)

Software device versions

Below are the software image versions available for this VNF.

PA-VM-KVM-10.2.10-h9
PA-VM-KVM-10.2.10-h9_DPDK

Service Specific Parameters

VM AS number (2 or 4 bytes)
Hashed password
IPv4 address of the primary Panorama server
IPv4 address of the secondary Panorama server
Authentication key
Template name
Devicegroup name
PIN ID
PIN Value

Licence

Only Bring Your Own Licence (BYOL) type is supported for Fortinet SDWAN. You need to purchase your software licence with Fortinet sales.

Security group

No default security group configured for Fortinet VNE model.

Useful links

Palo Alto Support

Overview​

Flavors​

Interfaces​

Software device versions​

Service Specific Parameters​

Licence​

Security group​

Useful links​