SlideShare uma empresa Scribd logo

Palo Alto Networks PA5000 series

Altaware, Inc.
Altaware, Inc.

Datasheet for Palo Alto Networks PA5000 series. Includes PA5020, PA5050 and PA5060.

Tecnologia
1 de 3
Baixar para ler offline
PA L O A LT O N E T W O R K S : PA - 5 0 0 0 S e r i e s S p e c s h e e t PA-5000 Series The PA-5000 Series is a next-generation firewall that delivers unprecedented visibility and control over applications, users and content on enterprise PA-5060 networks. APPLICATION IDENTIFICATION: • Identifies and controls applications PA-5050 PA-5020 irrespective of port, protocol, encryption (SSL or SSH) or evasive tactic employed. • Enables positive enforcement application usage policies: allow, deny, The Palo Alto NetworksTM PA-5000 Series is comprised of three schedule, inspect, apply traffic shaping. high performance platforms, the PA-5020, the PA-5050 and • Graphical visibility tools enable simple the PA-5060, all of which are targeted at high speed Internet and intuitive view into application traffic. gateway and datacenter deployments. The PA-5000 Series USER IDENTIFICATION: • Policy-based visibility and control over manages multi-Gbps traffic flows using dedicated processing who is using the applications through and memory for networking, security, threat prevention and seamless integration with Active Directory, LDAP, and eDirectory. management. • Identifies Citrix, Microsoft Terminal Services and XenWorks users, enabling A 20 Gbps backplane smoothes the pathway between dedicated processors, visibility and control over their and the physical separation of data and control plane ensures that respective application usage. management access is always available, irrespective of the traffic load. • Control non-Windows hosts via web- based authentication. The controlling element of the PA-5000 Series next-generation firewalls is PAN-OSTM, a security-specific operating system that tightly integrates three CONTENT IDENTIFICATION: • Block viruses, spyware, and vulnerability unique identification technologies: App-IDTM, User-ID and Content-ID, with exploits, limit unauthorized transfer of key firewall, networking and management features. files and sensitive data such as CC# or SSN, and control non-work related web surfing. KEY PERFORMANCE SPECIFICATIONS PA-5060 PA-5050 PA-5020 • Single pass software architecture Firewall throughput 20 Gbps 10 Gbps 5 Gbps enables multi-gigabit throughput with Threat prevention throughput 10 Gbps 5 Gbps 2 Gbps low latency while scanning content. IPSec VPN throughput 4 Gbps 4 Gbps 2 Gbps Max sessions 4,000,000 2,000,000 1,000,000 New sessions per second 120,000 120,000 120,000 IPSec VPN tunnels/tunnel interfaces 8,000 4,000 2,000 SSL VPN Users 20,000 10,000 5,000 Virtual routers 225 125 20 Virtual systems (base/max*) 25/225* 25/125* 10/20* Security zones 900 500 80 Your Palo Alto Networks Reseller www.altaware.com Max number of policies 40,000 20,000 10,000 sales@altaware.com (866) 833-4070 *Adding virtual systems to the base quantity requires a separately purchased license.
PA L O A LT O N E T W O R K S : PA - 5 0 0 0 S e r i e s S p e c s h e e t NETWORKING PA-5060 PA-5050 PA-5020 Deployment • Modes L2, L3, Tap, Virtual Wire L2, L3, Tap, Virtual Wire L2, L3, Tap, Virtual Wire (transparent mode) ansparent (transparent mode) ansparent (transparent mode) ansparent Routing • Modes OSPF, RIP, BGP, Static OSPF, RIP, BGP, Static OSPF, RIP, BGP, Static • Forwarding table size (entries per device/per VR) 64,000 / 64,000 64,000 / 64,000 64,000 / 64,000 • Policy-based forwarding Supported Supported Supported • Point-to-Point Protocol over Ethernet (PPPoE) Supported Supported Supported • Jumbo frames Supported Supported Supported NAT/PAT • Max NAT rules 8,000 4,000 1,000 • Max NAT rules (DIPP) 450 250 200 • Dynamic IP and port pool 254 254 254 • Dynamic IP pool 16,234 16,234 16,234 • NAT Modes 1:1 NAT, n:n NAT, m:n NAT 1:1 NAT, n:n NAT, m:n NAT 1:1 NAT, n:n NAT, m:n NAT • PAT- Unique destination IPs per source port and IP 8 8 8 VLANs • 802.1q VLAN tags per device/ per interface 4,094/ 4,094 4,094/ 4,094 4,094/ 4,094 • Max interfaces 4,096 4,096 2,048 • Aggregate Interfaces (802.3ad) Supported Supported Supported Virtual Wire • Max virtual wires: 12 12 12 • Physical interfaces mapped to VWs Supported Supported Supported Address Assignment • Captive Portal for Management Interface Supported Supported Supported • DHCP server/DHCP relay up to 3 servers up to 3 servers up to 3 servers • Max Addresses: 64,000 64,000 64,000 64,000 L2 Forwarding • ARP table size/device 32,000 32,000 20,000 • IPv6 neighbor table size 5,000 5,000 2,000 • MAC table size/device 32,000 32,000 20,000 SECURITY FIREWALL NETCONNECT SSL VPN (REMOTE ACCESS) • Policy-based control over applications, users and content • Transport: IPSec with SSL fall-back • Fragmented packet protection • Authentication: LDAP, SecurID, or local DB • Reconnaissance scan protection • Client OS: Macintosh, Windows XP, Windows Vista (32 and 64 bit), • Denial of Service (DoS)/Distributed Denial of Services (DDoS) Windows 7 (32 and 64 bit) protection THREAT PREVENTION (SUBSCRIPTION REQUIRED) • Decryption: SSL (inbound and outbound), SSH • Application, operating system vulnerability exploit protection USER INTEGRATION (USER-ID) • Stream-based protection against viruses (including those embedded • Active Directory, LDAP, eDirectory, Citrix and Microsoft Terminal in HTML, Javascript, PDF and compressed), spyware, worms Services, Xenworks, XML API QUALITY OF SERVICE (QOS) IPSEC VPN (SITE-TO-SITE) • Policy-based traffic shaping by application, user, source, destination, • Key Exchange: Manual key, IKE v1 interface, IPSec VPN tunnel and more • Encryption: 3DES, AES (128-bit, 192-bit, 256-bit) • 8 traffic classes with guaranteed, maximum and priority bandwidth • Authentication: SHA1, MD5 parameters • Real-time bandwidth monitor DATA FILTERING • Per policy diffserv marking • Control unauthorized data transfer (data patterns and file types) GLOBALPROTECT • Drive-by download protection • GlobalProtect Gateway MANAGEMENT, REPORTING, VISIBILITY TOOLS • GlobalProtect Portal • Integrated web interface, CLI or central management (Panorama) • Client OS: Windows XP, Windows Vista (32/64 bit), Windows 7 (32 bit) • Syslog and SNMPv2 URL FILTERING (SUBSCRIPTION REQUIRED) • XML-based REST API • Graphical summary of applications, URL categories, threats and • 76-category, 20M URL on-box database data (ACC) • Custom URL cache database (from 180M URL database) • View, filter, export traffic, threat, URL, and data filtering logs • Custom block pages and URL categories • Fully customizable reporting PAGE 2
PA L O A LT O N E T W O R K S : PA - 5 0 0 0 S e r i e s S p e c s h e e t HARDWARE SPECIFICATIONS PA-5060/PA-5050 PA-5020 Platform (12) 10/100/1000 + (8) Gigabit SFP (4), 10 Gigabit SFP+ (12)10/100/1000 + (8) Gigabit SFP Power supply (Avg/max power consumption) Redundant 450W AC (175W/200W) Input voltage (Input frequency) 100-240Vac (50-60Hz) Max input current 50A@230Vac; 30A@120Vac Safety UL, CUL, CB EMI FCC Class A, CE Class A, VCCI Class A, TUV Rack mountable (dimensions) 2U, 19” standard rack (3.5”H x 16.5”D x 17.5”W) ENVIRONMENT Operating temperature 32° to 122° F, 0° to 50° C Non-operating temperature -4° to 158° F, -20° to 70° C ORDERING INFORMATION PA-5060 PA-5050 PA-5020 Platform PAN-PA-5060 PAN-PA-5050 PAN-PA-5020 Solid State Disk Drives (120 GB) PAN-PA-5000-SSD-120 PAN-PA-5000-SSD-120 PAN-PA-5000-SSD-120 Solid State Disk Drives (240 GB) PAN-PA-5000-SSD-240 PAN-PA-5000-SSD-240 PAN-PA-5000-SSD-240 AC Power Supply PAN-PA-5000-PWR-AC PAN-PA-5000-PWR-AC PAN-PA-5000-PWR-AC DC Power Supply PAN-PA-5000-PWR-DC PAN-PA-5000-PWR-DC PAN-PA-5000-PWR- DCFan Tray PAN-PA-5000-FAN PAN-PA-5000-FAN PAN-PA-5000-FAN Fan Filter PAN-PA-5000-FLTR PAN-PA-5000-FLTR PAN-PA-5000-FLTR For additional information on the PA-5000 Series software features, please visit www.paloaltonetworks.com/literature. Your Palo Alto Networks Reseller www.altaware.com sales@altaware.com (866) 833-4070 Palo Alto Networks Copyright ©2011, Palo Alto Networks, Inc. All rights reserved. Palo Alto Networks, the Palo Alto Networks Logo, PAN-OS, App-ID and Panorama are trademarks of Palo Alto Networks, Inc. All specifications are subject to change without notice. 232 E. Java Drive Palo Alto Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update Sunnyvale, CA. 94089 information in this document. Palo Alto Networks reserves the right to change, modify, transfer, or otherwise revise this Sales 866.320.4788 publication without notice. PAN-OS 4.0, March 2011. 408.738.7700 www.paloaltonetworks.com

Recomendados

Netgear ReadyNAS Comparison
Netgear ReadyNAS ComparisonNetgear ReadyNAS Comparison
Netgear ReadyNAS Comparison
Altaware, Inc.
 
Aerohive datasheet br200
Aerohive datasheet br200Aerohive datasheet br200
Aerohive datasheet br200
Altaware, Inc.
 
Juniper Enterprise Guest Access
Juniper Enterprise Guest AccessJuniper Enterprise Guest Access
Juniper Enterprise Guest Access
Altaware, Inc.
 
Juniper MAG Series
Juniper MAG SeriesJuniper MAG Series
Juniper MAG Series
Altaware, Inc.
 
Juniper Networks SRX Branch Solutions
Juniper Networks SRX Branch SolutionsJuniper Networks SRX Branch Solutions
Juniper Networks SRX Branch Solutions
Altaware, Inc.
 
Juniper Networks Product Comparisons
Juniper Networks Product ComparisonsJuniper Networks Product Comparisons
Juniper Networks Product Comparisons
Altaware, Inc.
 
Infoblox appliances
Infoblox appliancesInfoblox appliances
Infoblox appliances
Altaware, Inc.
 
Aerohive Branch on Demand Solution Brief
Aerohive Branch on Demand Solution BriefAerohive Branch on Demand Solution Brief
Aerohive Branch on Demand Solution Brief
Altaware, Inc.
 

Recomendados

Netgear ReadyNAS Comparison
Netgear ReadyNAS ComparisonNetgear ReadyNAS Comparison
Netgear ReadyNAS Comparison
Altaware, Inc.
 
Aerohive datasheet br200
Aerohive datasheet br200Aerohive datasheet br200
Aerohive datasheet br200
Altaware, Inc.
 
Juniper Enterprise Guest Access
Juniper Enterprise Guest AccessJuniper Enterprise Guest Access
Juniper Enterprise Guest Access
Altaware, Inc.
 
Juniper MAG Series
Juniper MAG SeriesJuniper MAG Series
Juniper MAG Series
Altaware, Inc.
 
Juniper Networks SRX Branch Solutions
Juniper Networks SRX Branch SolutionsJuniper Networks SRX Branch Solutions
Juniper Networks SRX Branch Solutions
Altaware, Inc.
 
Juniper Networks Product Comparisons
Juniper Networks Product ComparisonsJuniper Networks Product Comparisons
Juniper Networks Product Comparisons
Altaware, Inc.
 
Infoblox appliances
Infoblox appliancesInfoblox appliances
Infoblox appliances
Altaware, Inc.
 
Aerohive Branch on Demand Solution Brief
Aerohive Branch on Demand Solution BriefAerohive Branch on Demand Solution Brief
Aerohive Branch on Demand Solution Brief
Altaware, Inc.
 
Aerohive whitepaper-cooperative control WLAN
Aerohive whitepaper-cooperative control WLANAerohive whitepaper-cooperative control WLAN
Aerohive whitepaper-cooperative control WLAN
Altaware, Inc.
 
White paper - Building Secure Wireless Networks
White paper - Building Secure Wireless NetworksWhite paper - Building Secure Wireless Networks
White paper - Building Secure Wireless Networks
Altaware, Inc.
 
ScreenOS 6.1 Concepts & Examples
ScreenOS 6.1 Concepts & ExamplesScreenOS 6.1 Concepts & Examples
ScreenOS 6.1 Concepts & Examples
Altaware, Inc.
 
PANOS 4.1 Administrators Guide
PANOS 4.1 Administrators GuidePANOS 4.1 Administrators Guide
PANOS 4.1 Administrators Guide
Altaware, Inc.
 
SIP2 for ILS
SIP2 for ILSSIP2 for ILS
SIP2 for ILS
Altaware, Inc.
 
Aerohive AP 350
Aerohive AP 350Aerohive AP 350
Aerohive AP 350
Altaware, Inc.
 
Aerohive AP 330
Aerohive AP 330Aerohive AP 330
Aerohive AP 330
Altaware, Inc.
 
Aerohive AP 170
Aerohive AP 170Aerohive AP 170
Aerohive AP 170
Altaware, Inc.
 
Aerohive AP 120
Aerohive AP 120Aerohive AP 120
Aerohive AP 120
Altaware, Inc.
 
Aerohive 802.11 Technology Primer
Aerohive 802.11 Technology PrimerAerohive 802.11 Technology Primer
Aerohive 802.11 Technology Primer
Altaware, Inc.
 
Aerohive - TeacherView and Student Manager
Aerohive - TeacherView and Student ManagerAerohive - TeacherView and Student Manager
Aerohive - TeacherView and Student Manager
Altaware, Inc.
 
PAN PA2000 series
PAN PA2000 seriesPAN PA2000 series
PAN PA2000 series
Altaware, Inc.
 
PAN PA500
PAN PA500PAN PA500
PAN PA500
Altaware, Inc.
 
PAN Platform Summary
PAN Platform SummaryPAN Platform Summary
PAN Platform Summary
Altaware, Inc.
 
PAN 5000
PAN 5000PAN 5000
PAN 5000
Altaware, Inc.
 
Palo Alto Networks K-12
Palo Alto Networks K-12Palo Alto Networks K-12
Palo Alto Networks K-12
Altaware, Inc.
 
PAN CIPA Requirements
PAN CIPA RequirementsPAN CIPA Requirements
PAN CIPA Requirements
Altaware, Inc.
 
PAN PA4000
PAN PA4000PAN PA4000
PAN PA4000
Altaware, Inc.
 
PAN PA2000 series
PAN PA2000 seriesPAN PA2000 series
PAN PA2000 series
Altaware, Inc.
 
Aw aerohive ap 330
Aw aerohive ap 330Aw aerohive ap 330
Aw aerohive ap 330
Altaware, Inc.
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
wesley chun
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 

Mais conteúdo relacionado

Mais de Altaware, Inc.

Mais de Altaware, Inc. (20)

Aerohive whitepaper-cooperative control WLAN
Aerohive whitepaper-cooperative control WLANAerohive whitepaper-cooperative control WLAN
Aerohive whitepaper-cooperative control WLAN
 
White paper - Building Secure Wireless Networks
White paper - Building Secure Wireless NetworksWhite paper - Building Secure Wireless Networks
White paper - Building Secure Wireless Networks
 
ScreenOS 6.1 Concepts & Examples
ScreenOS 6.1 Concepts & ExamplesScreenOS 6.1 Concepts & Examples
ScreenOS 6.1 Concepts & Examples
 
PANOS 4.1 Administrators Guide
PANOS 4.1 Administrators GuidePANOS 4.1 Administrators Guide
PANOS 4.1 Administrators Guide
 
SIP2 for ILS
SIP2 for ILSSIP2 for ILS
SIP2 for ILS
 
Aerohive AP 350
Aerohive AP 350Aerohive AP 350
Aerohive AP 350
 
Aerohive AP 330
Aerohive AP 330Aerohive AP 330
Aerohive AP 330
 
Aerohive AP 170
Aerohive AP 170Aerohive AP 170
Aerohive AP 170
 
Aerohive AP 120
Aerohive AP 120Aerohive AP 120
Aerohive AP 120
 
Aerohive 802.11 Technology Primer
Aerohive 802.11 Technology PrimerAerohive 802.11 Technology Primer
Aerohive 802.11 Technology Primer
 
Aerohive - TeacherView and Student Manager
Aerohive - TeacherView and Student ManagerAerohive - TeacherView and Student Manager
Aerohive - TeacherView and Student Manager
 
PAN PA2000 series
PAN PA2000 seriesPAN PA2000 series
PAN PA2000 series
 
PAN PA500
PAN PA500PAN PA500
PAN PA500
 
PAN Platform Summary
PAN Platform SummaryPAN Platform Summary
PAN Platform Summary
 
PAN 5000
PAN 5000PAN 5000
PAN 5000
 
Palo Alto Networks K-12
Palo Alto Networks K-12Palo Alto Networks K-12
Palo Alto Networks K-12
 
PAN CIPA Requirements
PAN CIPA RequirementsPAN CIPA Requirements
PAN CIPA Requirements
 
PAN PA4000
PAN PA4000PAN PA4000
PAN PA4000
 
PAN PA2000 series
PAN PA2000 seriesPAN PA2000 series
PAN PA2000 series
 
Aw aerohive ap 330
Aw aerohive ap 330Aw aerohive ap 330
Aw aerohive ap 330
 

Último

Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Último (20)

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 

Palo Alto Networks PA5000 series

  • 1. PA L O A LT O N E T W O R K S : PA - 5 0 0 0 S e r i e s S p e c s h e e t PA-5000 Series The PA-5000 Series is a next-generation firewall that delivers unprecedented visibility and control over applications, users and content on enterprise PA-5060 networks. APPLICATION IDENTIFICATION: • Identifies and controls applications PA-5050 PA-5020 irrespective of port, protocol, encryption (SSL or SSH) or evasive tactic employed. • Enables positive enforcement application usage policies: allow, deny, The Palo Alto NetworksTM PA-5000 Series is comprised of three schedule, inspect, apply traffic shaping. high performance platforms, the PA-5020, the PA-5050 and • Graphical visibility tools enable simple the PA-5060, all of which are targeted at high speed Internet and intuitive view into application traffic. gateway and datacenter deployments. The PA-5000 Series USER IDENTIFICATION: • Policy-based visibility and control over manages multi-Gbps traffic flows using dedicated processing who is using the applications through and memory for networking, security, threat prevention and seamless integration with Active Directory, LDAP, and eDirectory. management. • Identifies Citrix, Microsoft Terminal Services and XenWorks users, enabling A 20 Gbps backplane smoothes the pathway between dedicated processors, visibility and control over their and the physical separation of data and control plane ensures that respective application usage. management access is always available, irrespective of the traffic load. • Control non-Windows hosts via web- based authentication. The controlling element of the PA-5000 Series next-generation firewalls is PAN-OSTM, a security-specific operating system that tightly integrates three CONTENT IDENTIFICATION: • Block viruses, spyware, and vulnerability unique identification technologies: App-IDTM, User-ID and Content-ID, with exploits, limit unauthorized transfer of key firewall, networking and management features. files and sensitive data such as CC# or SSN, and control non-work related web surfing. KEY PERFORMANCE SPECIFICATIONS PA-5060 PA-5050 PA-5020 • Single pass software architecture Firewall throughput 20 Gbps 10 Gbps 5 Gbps enables multi-gigabit throughput with Threat prevention throughput 10 Gbps 5 Gbps 2 Gbps low latency while scanning content. IPSec VPN throughput 4 Gbps 4 Gbps 2 Gbps Max sessions 4,000,000 2,000,000 1,000,000 New sessions per second 120,000 120,000 120,000 IPSec VPN tunnels/tunnel interfaces 8,000 4,000 2,000 SSL VPN Users 20,000 10,000 5,000 Virtual routers 225 125 20 Virtual systems (base/max*) 25/225* 25/125* 10/20* Security zones 900 500 80 Your Palo Alto Networks Reseller www.altaware.com Max number of policies 40,000 20,000 10,000 sales@altaware.com (866) 833-4070 *Adding virtual systems to the base quantity requires a separately purchased license.
  • 2. PA L O A LT O N E T W O R K S : PA - 5 0 0 0 S e r i e s S p e c s h e e t NETWORKING PA-5060 PA-5050 PA-5020 Deployment • Modes L2, L3, Tap, Virtual Wire L2, L3, Tap, Virtual Wire L2, L3, Tap, Virtual Wire (transparent mode) ansparent (transparent mode) ansparent (transparent mode) ansparent Routing • Modes OSPF, RIP, BGP, Static OSPF, RIP, BGP, Static OSPF, RIP, BGP, Static • Forwarding table size (entries per device/per VR) 64,000 / 64,000 64,000 / 64,000 64,000 / 64,000 • Policy-based forwarding Supported Supported Supported • Point-to-Point Protocol over Ethernet (PPPoE) Supported Supported Supported • Jumbo frames Supported Supported Supported NAT/PAT • Max NAT rules 8,000 4,000 1,000 • Max NAT rules (DIPP) 450 250 200 • Dynamic IP and port pool 254 254 254 • Dynamic IP pool 16,234 16,234 16,234 • NAT Modes 1:1 NAT, n:n NAT, m:n NAT 1:1 NAT, n:n NAT, m:n NAT 1:1 NAT, n:n NAT, m:n NAT • PAT- Unique destination IPs per source port and IP 8 8 8 VLANs • 802.1q VLAN tags per device/ per interface 4,094/ 4,094 4,094/ 4,094 4,094/ 4,094 • Max interfaces 4,096 4,096 2,048 • Aggregate Interfaces (802.3ad) Supported Supported Supported Virtual Wire • Max virtual wires: 12 12 12 • Physical interfaces mapped to VWs Supported Supported Supported Address Assignment • Captive Portal for Management Interface Supported Supported Supported • DHCP server/DHCP relay up to 3 servers up to 3 servers up to 3 servers • Max Addresses: 64,000 64,000 64,000 64,000 L2 Forwarding • ARP table size/device 32,000 32,000 20,000 • IPv6 neighbor table size 5,000 5,000 2,000 • MAC table size/device 32,000 32,000 20,000 SECURITY FIREWALL NETCONNECT SSL VPN (REMOTE ACCESS) • Policy-based control over applications, users and content • Transport: IPSec with SSL fall-back • Fragmented packet protection • Authentication: LDAP, SecurID, or local DB • Reconnaissance scan protection • Client OS: Macintosh, Windows XP, Windows Vista (32 and 64 bit), • Denial of Service (DoS)/Distributed Denial of Services (DDoS) Windows 7 (32 and 64 bit) protection THREAT PREVENTION (SUBSCRIPTION REQUIRED) • Decryption: SSL (inbound and outbound), SSH • Application, operating system vulnerability exploit protection USER INTEGRATION (USER-ID) • Stream-based protection against viruses (including those embedded • Active Directory, LDAP, eDirectory, Citrix and Microsoft Terminal in HTML, Javascript, PDF and compressed), spyware, worms Services, Xenworks, XML API QUALITY OF SERVICE (QOS) IPSEC VPN (SITE-TO-SITE) • Policy-based traffic shaping by application, user, source, destination, • Key Exchange: Manual key, IKE v1 interface, IPSec VPN tunnel and more • Encryption: 3DES, AES (128-bit, 192-bit, 256-bit) • 8 traffic classes with guaranteed, maximum and priority bandwidth • Authentication: SHA1, MD5 parameters • Real-time bandwidth monitor DATA FILTERING • Per policy diffserv marking • Control unauthorized data transfer (data patterns and file types) GLOBALPROTECT • Drive-by download protection • GlobalProtect Gateway MANAGEMENT, REPORTING, VISIBILITY TOOLS • GlobalProtect Portal • Integrated web interface, CLI or central management (Panorama) • Client OS: Windows XP, Windows Vista (32/64 bit), Windows 7 (32 bit) • Syslog and SNMPv2 URL FILTERING (SUBSCRIPTION REQUIRED) • XML-based REST API • Graphical summary of applications, URL categories, threats and • 76-category, 20M URL on-box database data (ACC) • Custom URL cache database (from 180M URL database) • View, filter, export traffic, threat, URL, and data filtering logs • Custom block pages and URL categories • Fully customizable reporting PAGE 2
  • 3. PA L O A LT O N E T W O R K S : PA - 5 0 0 0 S e r i e s S p e c s h e e t HARDWARE SPECIFICATIONS PA-5060/PA-5050 PA-5020 Platform (12) 10/100/1000 + (8) Gigabit SFP (4), 10 Gigabit SFP+ (12)10/100/1000 + (8) Gigabit SFP Power supply (Avg/max power consumption) Redundant 450W AC (175W/200W) Input voltage (Input frequency) 100-240Vac (50-60Hz) Max input current 50A@230Vac; 30A@120Vac Safety UL, CUL, CB EMI FCC Class A, CE Class A, VCCI Class A, TUV Rack mountable (dimensions) 2U, 19” standard rack (3.5”H x 16.5”D x 17.5”W) ENVIRONMENT Operating temperature 32° to 122° F, 0° to 50° C Non-operating temperature -4° to 158° F, -20° to 70° C ORDERING INFORMATION PA-5060 PA-5050 PA-5020 Platform PAN-PA-5060 PAN-PA-5050 PAN-PA-5020 Solid State Disk Drives (120 GB) PAN-PA-5000-SSD-120 PAN-PA-5000-SSD-120 PAN-PA-5000-SSD-120 Solid State Disk Drives (240 GB) PAN-PA-5000-SSD-240 PAN-PA-5000-SSD-240 PAN-PA-5000-SSD-240 AC Power Supply PAN-PA-5000-PWR-AC PAN-PA-5000-PWR-AC PAN-PA-5000-PWR-AC DC Power Supply PAN-PA-5000-PWR-DC PAN-PA-5000-PWR-DC PAN-PA-5000-PWR- DCFan Tray PAN-PA-5000-FAN PAN-PA-5000-FAN PAN-PA-5000-FAN Fan Filter PAN-PA-5000-FLTR PAN-PA-5000-FLTR PAN-PA-5000-FLTR For additional information on the PA-5000 Series software features, please visit www.paloaltonetworks.com/literature. Your Palo Alto Networks Reseller www.altaware.com sales@altaware.com (866) 833-4070 Palo Alto Networks Copyright ©2011, Palo Alto Networks, Inc. All rights reserved. Palo Alto Networks, the Palo Alto Networks Logo, PAN-OS, App-ID and Panorama are trademarks of Palo Alto Networks, Inc. All specifications are subject to change without notice. 232 E. Java Drive Palo Alto Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update Sunnyvale, CA. 94089 information in this document. Palo Alto Networks reserves the right to change, modify, transfer, or otherwise revise this Sales 866.320.4788 publication without notice. PAN-OS 4.0, March 2011. 408.738.7700 www.paloaltonetworks.com