Bryan, there is a Palo Alto plugin, but I am not sure how advanced it is. As for intrusion detection I would put it in front of the CloudStack installation. The virtual router is one thing you want to protect for instance.
I'd need to see the proposed design to give any more judgemental advice. On Tue, Nov 21, 2023 at 8:19 AM Bryan Tiang <bryantian...@hotmail.com> wrote: > > Hi All, > > I have a potential client who is a bank, and requires a VPC, 3 Subnets, with > each subnet segregated by a firewall. > > We proposed the idea of using Network ACLs, but they didn’t accept the idea. > They want packet filtering, intrusion prevention features etc which are all > features of a full fledge firewall. > > Is it possible to install a VM Firewall from Fortinet/Palo Alto, use those to > segregate the traffic between the 3 subnets instead? All via cloudstack? > > If not, any idea how I could go around this? > > Regards, > Bryan -- Daan
