- Application visibility (e.g. Facebook, Gmail, etc.)
- URL Filtering
- Threat Prevention (IDS/IPS, viruses, spyware, malware, vulnerabilities, exploits)
- Data Filtering (Credit Cards, SSN, file types, custom patterns)
- QoS Traffic Shaping
- SSL VPN for remote users
- VPN
- Firewall with security zones
- Router
- High performance single data pass architecture
- High Performance 10 Gbps Firewall Models
Application Identification
- Identifies more than 1,000 applications irrespective of port, protocol, SSL encryption or evasive tactic employed.
- Enables positive enforcement application usage policies: allow, deny, schedule, inspect, apply traffic shaping.
- Graphical visibility tools enable simple and intuitive view into application traffic.
- Identifies more than 1,000 applications irrespective of port, protocol, SSL encryption or evasive tactic employed.
User Identification
- Policy-based visibility and control over who is using the applications through seamless integration with Active Directory, LDAP, and eDirectory.
- Identifies Citrix and Microsoft Terminal Services users, enabling visibility and control over their respective application usage.
- Control non-Windows hosts via web based authentication.
- Policy-based visibility and control over who is using the applications through seamless integration with Active Directory, LDAP, and eDirectory.
Content Identification
- Block viruses, spyware, and vulnerability exploits, limit unauthorized transfer of files and sensitive data such as CC# or SSN, and control non-work related web surfing.
- Single pass software architecture enables multi-gigabit throughput with low latency while scanning content.
- Block viruses, spyware, and vulnerability exploits, limit unauthorized transfer of files and sensitive data such as CC# or SSN, and control non-work related web surfing.
Enterprise Firewalls
- NEWEST - PA-200 - 100 Mbps Firewall throughput, 4 x 10/100/1000
- PA-500 - 250 Mbps Firewall throughput, 8 x 10/100/1000
- PA-2020 - 500 Mbps firewall throughput, 12 x 10/100/1000 + 2 SFP
- PA-2050 - 1 Gbps firewall throughput, 16 x 10/100/1000 + 4 SFP
- PA-4020 - 2 Gbps firewall throughput, 16 x 10/100/1000 + 8 SFP
- PA-4050 - 10 Gbps firewall throughput, 16 x 10/100/1000 + 8 SFP
- PA-4060 - 10 Gbps firewall throughput, 4 x 10 Gigabit XFP + 4 Gigabit SFP
- NEW - PA-5020 - 5 Gbps firewall throughput, 12 x 10/100/1000, 8 x Gigabit SFP
- NEW - PA-5050 - 10 Gbps firewall throughput, 12 x 10/100/1000, 8 x Gigabit SFP, 4 x 10 Gigabit SFP+
- NEW - PA-5060 - 20 Gbps firewall throughput, 12 x 10/100/1000, 8 x Gigabit SFP, 4 x 10 Gigabit SFP+
Additional information on:
- IDP
- URL Filtering
- QoS
- Reporting
- Web 2.0
- DoD Directive
- GlobalProtect
- IDP
- URL Filtering
- QoS
- Reporting
- Web 2.0
- DoD Directive
- GlobalProtect
The Palo Alto Networks PA-200 is ideally suited for small offices or branch offices. It offers a separate processor for control and dataplane. 16 GB SSD enables full visibility and reporting tools. Logging survives a network outage! 2.5 GB DRAM is dedicated to the control processor and 1.5 GB DRAM is dedicated to the dataplane processor.
Cooling is done with an ultra-quiet 12dB fan and the dimensions are 9" x 7" x 1.7".
Features not supported on PA-200:- Virtual systems
- Jumbo frames
- Link aggregation
- Limited to HA-lite (Passive HA without session synch)
The Palo Alto Networks PA-500 is ideally suited for Internet gateway deployments within medium to large branch offices and medium sized enterprises. The PA-500 manages network traffic flows with high performance processing and dedicated memory for networking, security, threat prevention and management. A high speed backplane smoothes the pathway between processors and the separation of data and control plane ensures that management access is always available, irrespective of the traffic load.
The Palo Alto Networks PA-2000 Series is comprised of two high performance platforms, the PA-2020 and the PA-2050, both of which are ideally suited for high speed Internet gateway deployments within large branch offices and medium sized enterprises. The PA-2000 Series manages network traffic flows using dedicated processing and memory for networking, security, threat prevention and management. A high speed backplane smoothes the pathway between processors and the separation of data and control plane ensures that management access is always available, irrespective of the traffic load.
The Palo Alto Networks PA-4000 Series is comprised of three high performance platforms, the PA-4060, the PA-4050 and the PA-4020, all of which are targeted at high speed Internet gateway deployments within enterprise environments. The PA-4000 Series manages multi-Gbps traffic flows using dedicated processing and memory for networking, security, threat prevention and management. A 10 Gbps backplane smoothes the pathway between processors and the physical separation of data and control plane ensures that management access is always available, irrespective of the traffic load.
The PA-5000 Series of enterprise firewalls is designed to protect data centers, large enterprise Internet gateways, and service provider environments where traffic demands dictate predictable firewall and threat prevention throughput. Traffic flows of up to 20 Gbps are effectively protected with more than 40 processors distributed across four functional areas: networking, security, content inspection and management.
Reliability and resiliency is delivered by active/active or active/passive high availability; physical separation of data and control plane; and redundant, hot swappable components.
Flexible Deployment Topologies (per port!)
- Use tap mode with span or mirror ports from switches. Provides full application visibility without inline deployment. Cannot be use to provide active control or blocking.
- Provides full visibility and active control or blocking without requiring any changes to the network topology. Can be used in parallel with existing firewalls. Often used to provide IDP capability and/or URL filtering without replacing existing firewalls.
- Use for firewall replacement along with application control and visibility. Offers consolidation for firewall, VPN, IPS and URL filtering.
Additional documentation and information
Download platform specs>>
Download PA500 datasheet >>
Download PA2xxx datasheet >>
Download PA4xxx datasheet >>
Download Panorama datasheet >>
Download whitepaper about enabling applications >>
Download whitepaper the future of Intrusion Prevention >>
Download - What's new in PAN-OS3 >>
Download Threat Prevention datasheet >>
Download URL Filtering datasheet >>
Download Content ID datasheet >>
Download User ID datasheet >>
Download App ID datasheet >>
Download Protecting Microsoft SharePoint whitepaper >>
Download Preventing Data Leaks whitepaper >>
Download PA500 datasheet >>
Download PA2xxx datasheet >>
Download PA4xxx datasheet >>
Download Panorama datasheet >>
Download whitepaper about enabling applications >>
Download whitepaper the future of Intrusion Prevention >>
Download - What's new in PAN-OS3 >>
Download Threat Prevention datasheet >>
Download URL Filtering datasheet >>
Download Content ID datasheet >>
Download User ID datasheet >>
Download App ID datasheet >>
Download Protecting Microsoft SharePoint whitepaper >>
Download Preventing Data Leaks whitepaper >>
Founded by security visionary Nir Zuk, Palo Alto Networks offers real innovation in the firewall by enabling unprecedented visibility and control of applications and content – by user, not just IP address – at up to 10Gbps with no performance degradation. Based on patent-pending App-ID™ technology, their next generation firewalls accurately identify applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation.
