Description
The Palo Alto Networks® PA-7050 is designed to protect datacenters and high-speed networks with firewall throughput of up to 120 Gbps and full threat prevention at speeds of up to 100 Gbps. The PA-7050 is a modular chassis, allowing you to scale performance and capacity by adding up to six network processing cards as your requirements change; yet it is a single system, making it as easy to manage as all of our other appliances.
The PA-7050 delivers performance and scalability by intelligently applying all available networking and security processing power to application layer traffic classification and threat protection tasks. Orchestrating this ballet of session management tasks is the First Packet Processor which constantly tracks the shared pool of processing and I/O resources across all of the NPCs. When the FPP determines that additional processing resources are available, traffic is intelligently directed across the high-speed switch fabric to that location, even if it resides on a separate NPC. The FPP is the key to delivering linear scalability to the PA-7050, working in conjunction with each of the network processors on the NPCs to utilize all of the available computing resources as a single, cohesive system. This means that as NPCs are added, no traffic engineering changes are required in order to utilize the added capacity.
The controlling element of the PA-7050 is PAN-OSTM, a security-specific operating system that natively classifies all traffic, inclusive of applications, threats and content, then ties that traffic to the user, regardless of location or device type. The application, content, and user—the elements that run your business—are then used as the basis of your security policies, resulting in an improved security posture and a reduction in incident response time. All traffic classification, content inspection, policy lookup and execution are performed in a single pass. The single pass software architecture, when combined with the processing power of the PA-7050, ensures that you achieve predictable throughput.
CLASSIFY ALL APPLICATIONS, ON ALL PORTS, ALL THE TIME WITH APP-ID™.
- Identify the application, regardless of port, encryption (SSL or SSH) or evasive technique employed.
- Use the application, not the port, as the basis for all safe enablement policy decisions: allow, deny, schedule, inspect, apply traffic shaping.
- Categorize unidentified applications for policy control, threat forensics, custom App-ID creation, or packet capture for App-ID development.
EXTEND SAFE APPLICATION ENABLEMENT POLICIES TO ANY USER, AT ANY LOCATION, WITH USER-ID™ AND GLOBALPROTECT™.
- Agentless integration with Active Directory, LDAP, eDirectory Citrix and Microsoft Terminal Services.
- Easily integrate firewall policies with NAC, 802.1X wireless, Proxies and NAC solutions.
- Deploy consistent policies to local and remote users running Microsoft Windows, Mac OS X, Linux, Android or iOS platforms.
PROTECT AGAINST ALL THREATS—BOTH KNOWN AND UNKNOWN—WITH CONTENT-ID™ AND WILDFIRE™.
- Block a range of known threats including exploits, malware and spyware, across all ports, regardless of common threat evasion tactics employed.
- Limit unauthorized transfer of files and sensitive data, and control non work-related web surfing.
- Identify unknown malware, analyze it based on more than 230 malicious behaviors, then automatically create and deliver protection in the next content update.