What does Virtual Wire interface in Palo Alto firewall used for?

We all know Palo Alto Network Firewalls offers quite flexibility deployment options, one can also deploy Palo Alto Networks in Virtual Wire or V-Wire mode. This is the beauty of Palo Alto Networks Firewalls , the flexibility it offers cannot be matched by some of the leading firewall vendors. Though other vendors offers the same feature better known as transparent firewalls.

Virtual Wire mode can be deployed by pairing a set of two physical interfaces into a single set and in V-Wire mode one does not needs to assign either an IP Address or a mac address. Virtual Wire is also referred to as a “Bump in the Wire” of “Transparent In-Line”. By default certain Palo Alto Networks Firewalls comes with preconfigure Virtual Wire mode and Ethernet ports 1 and 2 are part of that default V-Wire.

These kinds of deployment comes very handy, especially when one does not wants to do any kind of switching or routing and simply wants to plug and play with the Palo Alto Networks firewall. The biggest value Palo Alto Networks offers in Virtual Wire mode is, it supports features like App-ID, decryption , Content-ID , User-ID and NAT by using all these features one can certainly inspect the traffic passing through Virtual Wire and can apply the security policy. In upcoming post lets configure a Palo Alto Firewall in Virtual -Wire Mode and see how it works.