Product Description
Overview:
Redefining high-performance network security the PA-7000 Series of next-generation firewall appliances offers the perfect blend of power intelligence and simplicity. Power derived from a proven architecture blends ultra-efficient software with nearly 700 function-specific processors for networking security content inspection and management. Its intelligence maximizes security-processing resource utilization and automatically scales as new computing power becomes available. The PA-7000 Series offers simplicity defined by a single-system approach to management and licensing.
Key Security Features:
- Classifies all applications on all ports all the time
- Identifies the application regardless of port encryption (SSL or SSH) or evasive technique employed.
- Uses the application not the port as the basis for all of your safe enablement policy decisions: allow deny schedule inspect and apply traffic-shaping.
- Categorizes unidentified applications for policy control threat forensics or App-ID&trade development. Enforces security policies for any user at any location
- Deploys consistent policies to local and remote users running on the Windows® MacOS&trade Linux® Android® or Apple® iOS platforms.
- Enables agentless integration with Microsoft® Active Directory® and Terminal Services LDAP Novell® eDirectory&trade and Citrix®.
- Easily integrates your firewall policies with 802.1X wireless proxies NAC solutions and any other source of user identity information. Prevents known and unknown threats
- Blocks a range of known threats including exploits malware and spyware across all ports regardless of common threat-evasion tactics employed.
- Limits the unauthorized transfer of files and sensitive data and safely enables non-work-related web surfing.
- Identifies unknown malware analyzes it based on hundreds of malicious behaviors and then automatically creates and delivers protection.
- Threat prevention throughput is measured with App-ID User-ID IPS antivirus anti-spyware and Disable Server Response Inspection(DSRI) features enabled
- Throughput is measured with 64Kb HTTP transactions
- Connections per second is measured with 4Kb HTTP transactions
Performance and capacities | PA-7080 system | PA-7050 system | PA-7000 NPC | PA-7000 NPC-XM2 |
---|---|---|---|---|
Firewall throughput (App-ID enabled) | 200 Gbps | 120 Gbps | 20 Gbps | 20 Gbps |
Threat prevention throughput (DSRI Enabled) | 160 Gbps | 100 Gbps | 16 Gbps | 16 Gbps |
Threat prevention throughput | 100 Gbps | 60 Gbps | 10 Gbps | 10 Gbps |
IPsec VPN throughput | 80 Gbps | 48 Gbps | 8 Gbps | 8 Gbps |
Max sessions | 80000000 | 48000000 | 4000000 | 8000000 |
New sessions per second | 1200000 | 720000 | 120000 | 120000 |
Virtual systems (base/max1) | 25/225* | 25/225* | &ndash | &ndash |
1 Adding virtual systems to the base quantity requires a separately purchased license.
2 Network processing card with enhanced session capacity.
 
Features:
The PA-7000 Series supports a wide range of networking features that enable you to more easily integrate our security features into your existing network.
Networking Features | |
---|---|
Interface Modes | IPsec VPN |
|
|
Routing | |
| |
VLANs | |
| |
IPv6 | |
Network Address Translation (NAT) | |
| |
| |
  | |
High Availability | |
|