Redefining high-performance network security, the PA-7000 Series of next-generation firewall appliances offers the perfect blend of power, intelligence and simplicity. Power, derived from a proven architecture, blends ultra-efficient software with nearly 700 function-specific processors for networking, security, content inspection and management. Its intelligence maximizes security-processing resource utilization and automatically scales as new computing power becomes available. The PA-7000 Series offers simplicity defined by a single-system approach to management and licensing.
Key Security Features:
- Classifies all applications, on all ports, all the time
- Identifies the application, regardless of port, encryption (SSL or SSH), or evasive technique employed.
- Uses the application, not the port, as the basis for all of your safe enablement policy decisions: allow, deny, schedule, inspect and apply traffic-shaping.
- Categorizes unidentified applications for policy control, threat forensics or App-ID™ development. Enforces security policies for any user, at any location
- Deploys consistent policies to local and remote users running on the Windows®, MacOS™, Linux®, Android®, or Apple® iOS platforms.
- Enables agentless integration with Microsoft® Active Directory® and Terminal Services, LDAP, Novell® eDirectory™ and Citrix®.
- Easily integrates your firewall policies with 802.1X wireless, proxies, NAC solutions, and any other source of user identity information. Prevents known and unknown threats
- Blocks a range of known threats, including exploits, malware and spyware, across all ports, regardless of common threat-evasion tactics employed.
- Limits the unauthorized transfer of files and sensitive data, and safely enables non-work-related web surfing.
- Identifies unknown malware, analyzes it based on hundreds of malicious behaviors, and then automatically creates and delivers protection.
- Threat prevention throughput is measured with App-ID, User-ID, IPS, antivirus, anti-spyware and Disable Server Response Inspection(DSRI) features enabled
- Throughput is measured with 64Kb HTTP transactions
- Connections per second is measured with 4Kb HTTP transactions
|Performance and capacities||PA-7080 system||PA-7050 system||PA-7000 NPC||PA-7000 NPC-XM2|
|Firewall throughput (App-ID enabled)||200 Gbps||120 Gbps||20 Gbps||20 Gbps|
|Threat prevention throughput (DSRI Enabled)||160 Gbps||100 Gbps||16 Gbps||16 Gbps|
|Threat prevention throughput||100 Gbps||60 Gbps||10 Gbps||10 Gbps|
|IPsec VPN throughput||80 Gbps||48 Gbps||8 Gbps||8 Gbps|
|New sessions per second||1,200,000||720,000||120,000||120,000|
|Virtual systems (base/max1)||25/225*||25/225*||–||–|
1 Adding virtual systems to the base quantity requires a separately purchased license.
2 Network processing card with enhanced session capacity.