Palo Alto Networks PA-445 Next Generation Firewalls

Palo Alto Networks PA-400 series ML-Powered NGFW (PA-460, PA-450, PA-440, PA-410) brings Next Generation Firewall capabilities to distributed enterprise branch offices, retail locations, and midsize businesses.

Category : PaloAlto Firewall
Brand : Palo Alto
Model : PA-445

Description

PA-400 Series
The Palo Alto Networks PA-400 Series, comprising the PA-460, PA-450, PA-440, and PA-410, brings ML-Powered NGFW capabilities to distributed enterprise branch offices, retail locations, and midsize businesses. The world’s first ML-Powered Next-Generation Firewall (NGFW) enables you to prevent unknown threats, see and secure everything—including the Internet of Things (IoT)—and reduce errors with automatic policy recommendations. 


Key Security and Connectivity Features


ML-Powered Next-Generation Firewall

  • Embeds machine learning (ML) in the core of the firewall to provide inline signatureless attack
  • prevention for file-based attacks while identifying and immediately stopping never-before-seen phishing attempts.
  •  Leverages cloud-based ML processes to push zero-delay signatures and instructions back to the NGFW.
  •  Uses behavioral analysis to detect IoT devices and make policy recommendations as part of a cloud-delivered and natively integrated service on the NGFW.
  • Automates policy recommendations that save time and reduce the chance of human error
PA-400 Series Performance and Capacities

Firewall throughput (HTTP/appmix)
  • 2.7 Gbps 

Threat Prevention throughput (HTTP/appmix)

  • 1.25 Gbps

IPsec VPN throughput

  • 1.1 Gbps

Max sessions

  • 200,000

New sessions per second

  • 34,000


Networking Features

Interface Modes
  • L2, L3, tap, virtual wire (transparent mode)

Routing

  • OSPFv2/v3 with graceful restart, BGP with graceful restart, RIP, static routing
  • Policy-based forwarding
  • Point-to-point protocol over Ethernet (PPPoE)
  • Multicast: PIM-SM, PIM-SSM, IGMP v1, v2, and v3

SD-WAN

  • Path quality measurement (jitter, packet loss, latency)
  • Initial path selection (PBF)
  • Dynamic path change

IPv6

  • L2, L3, tap, virtual wire (transparent mode)
  • Features: App-ID, User-ID, Content-ID, WildFire, and SSL Decryption
  • SLAAC

IPsec VPN

  • Key exchange: manual key, IKEv1 and IKEv2 (pre-shared key, certificate-based authentication)
  • Encryption: 3DES, AES (128-bit, 192-bit, 256-bit)
  • Authentication: MD5, SHA-1, SHA-256, SHA-384, SHA-512

VLANs

  • 802.1Q VLAN tags per device/per interface: 4,094/4,094