Palo Alto Networks PA-5000 firewall
- Customer pickup,
- Courier
- In detail
- BrandPalo Alto Networks
- Country of manufactureUnited States
The PA-5000 series is developed for protection and segmentation of the data-processing centers (DPC) and user segments of the large organizations where high network loading demands inherent reliability and high capacity of the firewall.
Besides, the senior model of a ruler - PA-5060 - are used by a TV set providers both for internal needs, and for providing to the clients services "chisty Internet" and additional services of protection against network threats.
Safety of channels with a capacity up to 20 Gbit / with in the PA-5000 models is provided with 40 processors which are distributed between four functional areas: processing of network packages, application of security policies, inspection of data and management of a platform.
High availability is provided with physical division of logic of management and logic of data processing, duplication of critical knots, and also operation of several firewalls in the modes are active - active and active-passive.
Optimum scenarios of application
- Kernel and segmentation of corporate subnets
- Internet gateway for the largest organizations
- Complex corporate decision (Internet, segmentation of subnets, VPN access)
- Telecom providers
- Outsourcing of network protection, network protection as service telecom providers (for example, service "Chisty Internet")
Functions
- The firewall with the built-in recognition of appendices (App-ID)
- Recognition of accounts of users (User-ID)
- IPS - protection against invasions
- Antivirus - Protection against the known viruses
- WildFire - Protection against unknown and new viruses, 0-day and APT
- URL filtration
- Recognition of content and formats of data (Content-ID)
- User VPN and Site-to-Site VPN (SSL, IPsec)
- Decoding and inspection of SSL and SSH traffic
- Virtual routers and safety zones
Main characteristics
--- | PA-5060 | PA-5050 | PA-5020 |
Firewall productivity (the App-ID function is included) | 20 Gbit / with | 10 Gbit / with | 5 Gbit / with |
IPS productivity | 10 Gbit / with | 5 Gbit / with | 2 Gbit / with |
IPSec VPN productivity | 4 Gbit / with | 4 Gbit / with | 2 Gbit / with |
Maximum number of sessions | 4 000 000 | 2 000 000 | 1 000 000 |
New sessions in a second | 120 000 | 120 000 | 120 000 |
IPSec VPN tunnels / interfaces | 8 000 | 4 000 | 2 000 |
Users of SSL VPN | 20 000 | 10 000 | 5 000 |
Sessions with interpretation of SSL | 90 000 | 45 000 | 15 000 |
The entering certificates of SSL | 1 000 | 300 | 100 |
Virtual routers | 225 | 125 | 20 |
Virtual systems (bases / max. **) | 25 / 225 | 25 / 125 | 10 / 20 |
Safety zones | 900 | 500 | 80 |
Maximum number politician | 40 000 | 20 000 | 10 000 |
Address objects | 80 000 | 40 000 | 10 000 |
Completely certain names of domains (FQDN) | 2 000 | 2 000 | 2 000 |