Product Description
Overview:
Key Security Features:
Classifies all applications on all ports all the time
- Identifies the application regardless of port encryption (SSL or SSH) or evasive technique employed
- Uses the application not the port as the basis for all of your safe enablement policy decisions: allow deny schedule inspect and apply traffic-shaping
- Categorizes unidentified applications for policy control threat forensics or App-ID&trade application identification technology development
Enforces security policies for any user at any location
- Deploys consistent policies to local and remote users running on the Windows® Mac® OS X® Linux® Android&trade or Apple® iOS platforms
- Enables agentless integration with Microsoft® Active Directory® and Terminal Services LDAP Novell® eDirectory&trade and Citrix®
- Easily integrates your firewall policies with 802.1X wireless proxies NAC solutions and any other source of user identity information
Prevents known and unknown threats
- Blocks a range of known threats including exploits malware and spyware across all ports regardless of common threat-evasion tactics employed
- Limits the unauthorized transfer of files and sensitive data and safely enables non-work-related web surfing
- Identifies unknown malware analyzes it based on hundreds of malicious behaviors and then automatically creates and delivers protection
The controlling element of the PA-5200 Series is PAN-OS® security operating system which that natively classifies all traffic inclusive of applications threats and content and then ties that traffic to the user regardless of location or device type. The application content and user &ndash in other words the business elements that run your business &ndash are then used as the basis of your security policies resulting in an improved security posture and a reduction in incident response time.
Performance and Capacities1 | PA-5260 | PA-5250 | PA-5220 |
Firewall throughput2 (App-ID enabled) | 72.2 Gbps | 35.9 Gbps | 18.5 Gbps |
Threat prevention throughput3 | 30 Gbps | 20.3 Gbps | 9.2 Gbps |
IPsec VPN throughput | 21 Gbps | 14 Gbps | 5 Gbps |
Max sessions | 32000000 | 8000000 | 4000000 |
New sessions per second4 | 458000 | 348000 | 169000 |
Virtual systems (base/max5) | 25/225 | 25/125 | 10/20 |
- Performance and capacities are measured under ideal testing conditions.
- Firewall throughput measured with App-ID and User-ID features enabled utilizing 64K HTTP transactions
- Threat prevention throughput measured with App-ID User-ID IPS AntiVirus and Anti-Spyware features enabled utilizing 64K HTTP transactions
- New sessions per second is measured with 4K HTTP transactions
- Adding virtual systems base quantity requires a separately purchased license
Networking Features:
Interface Modes
- L2 L3 Tap Virtual wire (transparent mode)
- Point-to-point protocol over Ethernet (PPPoE) and DHCP supported for dynamic address assignment
Routing
- OSPFv2/v3 with graceful restart BGP with graceful restart RIP Static routing
- Policy-based forwarding
- Multicast: PIM-SM PIM-SSM IGMP v1 v2 and v3
- Bidirectional Forwarding Detection (BFD)
IPv6
- L2 L3 Tap Virtual Wire (transparent mode)
- Features: App-ID&trade User-ID&trade Content-ID&trade WildFire&trade and SSL decryption
- SLAAC
IPsec VPN
- Key exchange: Manual key IKE v1 and IKEv2 (pre-shared key certificate-based authentication)
- Encryption: 3DES AES (128-bit 192-bit 256-bit)
- Authentication: MD5 SHA-1 SHA-256 SHA-384 SHA-512
- GlobalProtect&trade large-scale VPN (LSVPN) for simplified configuration and management
VLANs
- 802.1q VLAN tags per device/per interface: 4094/4094
- Aggregate interfaces (802.3ad) LACP
Network Address Translation (NAT)
- NAT modes (IPv4): static IP dynamic IP dynamic IP and port (port address translation)
- NAT64 NPTv6
- Additional NAT features: Dynamic IP reservation tun- able dynamic IP and port oversubscription
High Availability Modes: Active/Active Active/Passive
Failure detection: Path monitoring interface monitoring 
 
Technical Specifications:
I/O PA-5260 | PA-5250 - (4) 100/1000/10G Cu (16) Gig/10Gig SFP/SFP+ (4) 40G/100G QSFP28
PA-5220 &ndash (4)100/1000/10G Cu (16) Gig/10Gig SFP/SFP+ (4) 40G QSFP+
Management I/O PA-5260 | PA-5250 - (2) 10/100/1000 (1) 40G/100G QSFP28 HA (1) 10/100/1000 out-of-band management (1) RJ45 console port
PA-5220 - (2) 10/100/1000 (1) 40G QSFP+ HA (1) 10/100/1000 out-of-band management (1) RJ45 console port
Storage Options Other Details
(Manufacturer Standard Warranty) - Not Clear what product you need, or can't find your specific product/service part number? Call us +1 888 988 5472 | Fax: +1 888 920 3445. You can also use the quote request pageProduct Videos
Custom Field
MPN PAN-PA-5260-TP-RNOTE Images may not be exact, please check specifications.Required A Volume Purchase Contact us for a volume pricing | volumeorders@hssl.usProduct Reviews