This Quick Start builds an enterprise-class security and analytics environment on the Amazon Web Services (AWS) Cloud, using the Palo Alto Networks VM-Series next-generation firewall, Splunk Enterprise, and the Palo Alto Networks App for Splunk, along with complementary services from AWS.
These technologies help protect your workloads from cyberattacks and provide visibility, analytics, and reporting across cloud, on-premises, and hybrid environments.
The Palo Alto Networks VM-Series next-generation firewall complements AWS security groups and web application firewalls by classifying and controlling application traffic on AWS based on the application identity, and then applying threat prevention policies to block known and unknown cyberthreats. Splunk Enterprise provides security visibility by capturing and analyzing logs from the Palo Alto firewall using the Palo Alto Networks App for Splunk.
The Quick Start offers two deployment options:
- Deploying the security and analytics environment into a new virtual private cloud (VPC) that's configured for security, scalability, and high availability
- Deploying the security and analytics environment into an existing VPC in your AWS account
You can also use the AWS CloudFormation templates as a starting point for your own implementation.
For architectural details, step-by-step instructions, and customization options, see the deployment guide.
To post feedback, submit feature ideas, or report bugs, use the Issues section of this GitHub repo. If you'd like to submit code for this Quick Start, please review the AWS Quick Start Contributor's Kit.