Palo Alto NGN-FW
Next generation firewall designed for new era’s threat and intelligent malicious code securely protects client’s network from all sorts of threat transmitted from various applications of ports that was allowed from existing legacy firewall.
APP-ID (Application’s Categorization and Control Function
- Control and blck 5 Categories, 25 Sub-categories and more than 2000 Application on Policy base
- Analyze tunneled application and compressed file such as SSL/HTTPS
- Add 3~5 new application every week
- Only allow business adequate traffic based on application or user
- Detect and control proxy, tunnel program
USER-ID (Detect and control actual user not based on IP)
- User undistinguishable by IP address (IP Address ≠ User)
- Link user by using existing certificate server
- Apply and manage user or group based policy
- Distinguish user by existing certificate server without agent distribution
Content-ID (Analyze and Control Transmit/Receive Data Contents)
- Inspect contents through Single Signature Engine
- Threat Prevention
- IPS (About 6,000 signature)
- Anti-Virus (About million virus signature)
- Anti-spyware (Real-time detection and block) - URL Filtering
- Have more than 100 million DB, categorize 62 URL - Data Filtering
- Block based on file type not filename extension
- Provide keyword search function
WildFire (APT Solution)
- Provide virtual sandbox environment and auto-generate malware signature
- Based on the act of detecting every application, every protocol, SSL traffic, and various evasion techniques (Different from original APT solution limited to web and email)
- Analyze files that are commonly used on attack such as MS file, PDF, EXE, Java, etc. - Distribute patch on detected threat under an hour
- Provide two products of Cloud Sandbox and Local Sandbox(WF-500)
Single-Pass Parallel Processing (SP3) Architecture
- Single-Pass (Search every security by one process by packet)
- Classify traffic(Detect application)
- User and user group mapping
- Contents scanning (detact attack, virus, URL, file type)
- Parallel processing
- Have unique parallel processing hardware engine by each function(Security CPU, signature matching chip, Network processor)
- Independent operation of data plane and management plane
Platform Line-up
Model | PA-7080 | PA-7050 | PA-5060 | PA-5050 | PA-5020 | PA-3060 &3050 | PA-3020 |
---|---|---|---|---|---|---|---|
Maximum application firewall capacity | 200Gbps | 120Gbps | 20Gbps | 10Gbps | 5Gbps | 4Gbps | 2Gbps |
Threat prevention capacity | 160Gbps | 60Gbps | 10Gbps | 5Gbps | 2Gbps | 2Gbps | 1Gbps |
Maximum concurrent session | 40,000,000 | 24,000,000 | 4,000,000 | 2,000,000 | 1,000,000 | 500,000 | 250,000 |
Maximum new connection by second | 1,200,000 | 720,000 | 120,000 | 120,000 | 120,000 | 50,000 | 50,000 |
Number of virtualization (basic/max) | 25/225 | 25/225 | 25/225 | 25/125 | 10/20 | 1/6 | 1/6 |
Number of supporting application | 2,000+ | ||||||
URL Category | 62 Category and more than 100 million URL | ||||||
IPS Signature | 6,000+ | ||||||
Anti-Virus Signature | 1,000,000+ |
Model | PA-500 | PA-200 | VM-1000-HV | VM-300 | VM-200 | VM-100 |
---|---|---|---|---|---|---|
Maximum application firewall capacity | 250Mbps | 100Mbps | 1Gbps | 1Gbps | 1Gbps | 1Gbps |
Threat prevention capacity | 100Mbps | 50Mbps | 600Mbps | 600Mbps | 600Mbps | 600Mbps |
Maximum concurrent session | 64,000 | 64,000 | 250,000 | 250,000 | 100,000 | 50,000 |
Maximum new connection by second | 7,500 | 1,000 | 8,000 | 8,000 | 8,000 | 8,000 |
Number of virtualization (basic/max) | N/A | N/A | Vmware ESXi, KVM, Xen, Amazon | |||
Number of supporting application | 2,000+ | |||||
URL Category | 62 Category and more than 100 million URL | |||||
IPS Signature | 6,000+ | |||||
Anti-Virus Signature | 1,000,000+ |