Security ▼

Security >

Palo Alto NGN-FW

Next generation firewall designed for new era’s threat and intelligent malicious code securely protects client’s network from all sorts of threat transmitted from various applications of ports that was allowed from existing legacy firewall.

APP-ID (Application’s Categorization and Control Function

  • Control and blck 5 Categories, 25 Sub-categories and more than 2000 Application on Policy base
  • Analyze tunneled application and compressed file such as SSL/HTTPS
  • Add 3~5 new application every week
  • Only allow business adequate traffic based on application or user
  • Detect and control proxy, tunnel program

USER-ID (Detect and control actual user not based on IP)

  • User undistinguishable by IP address (IP Address ≠ User)
  • Link user by using existing certificate server
  • Apply and manage user or group based policy
  • Distinguish user by existing certificate server without agent distribution

Content-ID (Analyze and Control Transmit/Receive Data Contents)

  • Inspect contents through Single Signature Engine
  • Threat Prevention
    - IPS (About 6,000 signature)
    - Anti-Virus (About million virus signature)
    - Anti-spyware (Real-time detection and block)
  • URL Filtering
    - Have more than 100 million DB, categorize 62 URL
  • Data Filtering
    - Block based on file type not filename extension
    - Provide keyword search function

WildFire (APT Solution)

  • Provide virtual sandbox environment and auto-generate malware signature
    - Based on the act of detecting every application, every protocol, SSL traffic, and various evasion techniques (Different from original APT solution limited to web and email)
    - Analyze files that are commonly used on attack such as MS file, PDF, EXE, Java, etc.
  • Distribute patch on detected threat under an hour
  • Provide two products of Cloud Sandbox and Local Sandbox(WF-500)

Single-Pass Parallel Processing (SP3) Architecture

  • Single-Pass (Search every security by one process by packet)
    - Classify traffic(Detect application)
    - User and user group mapping
    - Contents scanning (detact attack, virus, URL, file type)
  • Parallel processing
    - Have unique parallel processing hardware engine by each function(Security CPU, signature matching chip, Network processor)
    - Independent operation of data plane and management plane

Platform Line-up

Model PA-7080 PA-7050 PA-5060 PA-5050 PA-5020 PA-3060 &3050 PA-3020
Maximum application firewall capacity 200Gbps 120Gbps 20Gbps 10Gbps 5Gbps 4Gbps 2Gbps
Threat prevention capacity 160Gbps 60Gbps 10Gbps 5Gbps 2Gbps 2Gbps 1Gbps
Maximum concurrent session 40,000,000 24,000,000 4,000,000 2,000,000 1,000,000 500,000 250,000
Maximum new connection by second 1,200,000 720,000 120,000 120,000 120,000 50,000 50,000
Number of virtualization (basic/max) 25/225 25/225 25/225 25/125 10/20 1/6 1/6
Number of supporting application 2,000+
URL Category 62 Category and more than 100 million URL
IPS Signature 6,000+
Anti-Virus Signature 1,000,000+
Model PA-500 PA-200 VM-1000-HV VM-300 VM-200 VM-100
Maximum application firewall capacity 250Mbps 100Mbps 1Gbps 1Gbps 1Gbps 1Gbps
Threat prevention capacity 100Mbps 50Mbps 600Mbps 600Mbps 600Mbps 600Mbps
Maximum concurrent session 64,000 64,000 250,000 250,000 100,000 50,000
Maximum new connection by second 7,500 1,000 8,000 8,000 8,000 8,000
Number of virtualization (basic/max) N/A N/A Vmware ESXi, KVM, Xen, Amazon
Number of supporting application 2,000+
URL Category 62 Category and more than 100 million URL
IPS Signature 6,000+
Anti-Virus Signature 1,000,000+