Palo Alto PA-220 Next-Gen firewall write-up!

Palo Alto is truly among the very top names in cyber-security. And the PA-220 is part of a family of Next-Generation firewalls that are the world’s first to be truly driven by Machine Learning.

In order to understand why this is a big deal, we need a decent working definition of ML, so here goes:

“Machine Learning is the science of getting computers to learn and act like humans do, and improve their learning over time in autonomous fashion, by feeding them data and information in the form of observations and real-world interactions.” This isn’t our definition, but it’s a pretty good one.

Why it’s a big deal

In short, ML is the science of getting computers to get smarter over time, on their own, like humans do. It is not exactly the same as Artificial Intelligence, but for our purposes, it’s close. There’s an old axiom about computers; they don’t do what you want them to; they do what you tell them to.

So it’s not hard to see why you might want a firewall that can think, spot patterns, and act without being specifically programmed. In other words, it does what you want, without having to be told. ML is simply a device harnessing data, observations, and interactions in order to correctly generalize to new settings.

Like Palo Alto says, “Don’t just react. Think ahead.” Reactive security can’t keep up with current threats — or prepare you for tomorrow’s. So rather than relying on signatures to identify threats, the PA-220 analyzes behaviors, then responds appropriately, and quickly.

The Palo Alto PA-220

The PA-220 is at Palo Alto’s entry point of Next-Gen firewalls. The PA-400 series are the next level up in performance. But the same software that runs all Palo Alto firewalls powers the PA-220. It’s called PAN-OS, and it natively classifies all traffic, inclusive of applications, threats, and content. It then ties that traffic to the user regardless of location or device type The application, content, and user (the elements that run your business) then serve as the basis of your security policies. This results in improved security posture and reduced response times.


The PA-220 is loaded with capabilities, as you would expect from any Palo Alto product. It identifies and categorizes all applications, on all ports, all the time, with full Layer 7 inspection. And it does so irrespective of of port, protocol, evasive techniques, or encryption.

It also prevents malicious activity concealed in encrypted traffic. It does this by inspecting and policing TLS/SSL-encrypted traffic, inbound and outbound. And, you will have deep visibility into TLS traffic. For example, you can see the amount of encrypted traffic, TLS/SSL versions, cipher suites and more, without decrypting.

And interestingly, the Palo Alto PA-220 performs networking, policy lookup, application / de-coding, and signature matching in a single pass. And that’s for all threats and content. This greatly reduces the amount of processing overhead required to perform multiple functions in one firewall. It avoids introducing latency by scanning traffic for all signatures in a single pass. It does this using stream-based, uniform signature matching.

And of course, the PA-220 benefits from centralized management, configuration, and visibility for multiple firewalls. Of course, this is irrespective of location or scale. There’s a lot more to be said about this firewall’s features, but you’ll just need to call us at 877-449-0458; we’d love to tell you more.


Total Firewall Throughput is 560 Mbps, and Threat Prevention Throughput is upwards of 300 Mbps. IPsec VPN Throughput is 570 Mbps. The PA-220 delivers 4,200 new sessions per second.

We’re excited about the PA-220, and we’d love to tell you more about it. So, why not give us a call at 877-449-0458, or reach out at [email protected]? Thanks for reading!

Palo Alto PA-220 At-a-Glance

Total Firewall Throughput: 560 Mbps
IPSec VPN Throughput: 570 Mbps
Threat Prevention Throughput: 300 Mbps
Single-pass traffic scanning reduces latency