Palo Alto 800 Series Next-Generation Firewall Appliances – PA-800

Description

Palo Alto 800 Series Specifications:

• Manufacturer: Palo Alto
• Brand: Palo Alto Networks
• Product Line: Palo Alto Networks
• Model: PA-800
• Type: Next-Generation Firewall Appliances

Storage Capacity:

• capacity: 240 GB
•  Type: SSD

Interface Modes:

• L2, L3, tap, virtual wire (transparent mode)

Routing:

• OSPFv2/v3 with graceful restart, BGP with graceful restart, RIP, static routing
• Policy-based forwarding
• Point-to-Point Protocol over Ethernet (PPPoE)
• Multicast: PIM-SM, PIM-SSM, IGMP v1, v2, and v3

SD-WAN:

• Path quality measurement (jitter, packet loss, latency)
• Initial path selection (PBF)
• Dynamic path change

IPv6:

• Key exchange: manual key, IKEv1, and IKEv2 (pre-shared key, certificate-based authentication)
• Encryption: 3DES, AES (128-bit, 192-bit, 256-bit)
• Authentication: MD5, SHA-1, SHA-256, SHA-384, SHA-51

VLANs:

• 802.1Q VLAN tags per device/per interface: 4,094/4,094
• Aggregate interfaces:  (802.3ad), LACP

Network Address Translation:

• NAT modes (IPv4): static IP, dynamic IP, dynamic IP and port (port address translation)
• NAT64, NPTv6
• Additional NAT features: dynamic IP reservation, tunable dynamic IP and port oversubscription

High Availability:

• Modes: active/active, active/passive
• Failure detection: path monitoring, interface monitoring

Palo Alto 800 Series Key Features:

Classifies all applications, on all ports, all the time

• Identifies the application, regardless of port, SSL/SSH en[1]cryption, or evasive technique employed.
• Uses the application, not the port, as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect, and apply traffic-shaping.
• Categorizes unidentified applications for policy control, threat forensics, or App-ID™ technology development.
• Provides full visibility into the details of all TLS-encrypted connections and stops threats hidden in encrypted traffic, including traffic that uses TLS 1.3 and HTTP/2 protocols.

 Enforces security policies for any user, anywhere

• Deploys consistent policies to local and remote users run[1]ning on the Windows®, macOS®, Linux, Android®, or Apple iOS platforms.
• Enables agentless integration with Microsoft Active Directory® and Terminal Services, LDAP, Novell eDirectory™, and Citrix.
• Easily integrates your firewall policies with 802.1X wireless, proxies, network access control, and any other source of user identity information.

 Extends native protection across all attack vectors with cloud-delivered security subscriptions

• Threat Prevention: inspects all traffic to automatically block known vulnerabilities, malware, vulnerability exploits, spyware, command and control (C2), and custom intrusion prevention system (IPS) signatures.
• WildFire® malware prevention: protects against unknown file-based threats, delivering automated prevention in seconds for most new threats across networks, endpoints, and clouds.
• URL Filtering: prevents access to malicious sites and protects users against web-based threats.
• DNS Security: detects and blocks known and unknown threats over DNS while predictive analytics disrupt attacks using DNS for C2 or data theft.
• IoT Security: discovers all unmanaged devices in your network, identifies risks and vulnerabilities, and auto[1]mates enforcement policies for your ML-Powered NGFW using a new Device-ID™ policy construct.

Enables SD-WAN functionality

• Easily adopt SD-WAN by simply enabling it on your existing firewalls. Enables you to safely implement SD-WAN, which is natively integrated with our industry-leading security.
• Delivers an exceptional end user experience by minimizing latency, jitter, and packet loss

Palo Alto-800 Series Datasheet – Download PDF