350
430330421142454813-906767-6423542281
Paloalto PA-820

Paloalto PA-820

Paloalto PA-820

Genel Özellikler
Teknik Spesifikasyonlar
Markalar ve Modeller

Genel Özellikler

                Better together: security and connectivity for the branch

Don’t let your branches be the weak links of your business. The PA-800 Series is a family of Next-Generation Firewall appliances that provides world-class security and connectivity for enterprise branches and midsize businesses.

IoT Security is easier than you think

Your security team is now empowered to secure your enterprise IoT investments without additional resources, creating new processes and investing in new siloed tools.

Industry-leading security and SD-WAN

Consistent security for your branches

Gain full visibility into the details of all TLS encrypted connections and stop threats hidden within encrypted traffic, including traffic that uses TLS1.3 and HTTP/2 protocols.

Security and SD-WAN natively integrated

Enable secure SD-WAN rom a single appliance and management interface for seamless branch connectivity.

Simplified operations

With zero touch provisioningyou can automate tedious deployment processes and simplify manual operations.

 

Teknik Spesifikasyonlar

Performance
App-ID firewall throughput1.6 Gbps
Threat prevention throughput800 Mbps
IPSec VPN throughput1.2 Gbps
Connections per second8,300
Sessions
Max sessions (IPv4 or IPv6)130,000
Policies
Security rules1,500
Security rule schedules256
NAT rules3,000
Decryption rules100
App override rules100
Tunnel content inspection rules100
SD-WAN rules100
Policy based forwarding rules100
Captive portal rules500
DoS protection rules100
Security Zones
Max security zones30
Objects (addresses and services)
Address objects2,500
Address groups250
Members per address group2,500
Service objects1,000
Service groups250
Members per service group500
FQDN address objects2,000
Max DAG IP addresses*1,000
Tags per IP address32
Security Profiles
Security profiles100
App-ID
Custom App-ID signatures6,000
Shared custom App-IDs512
Custom App-IDs (virtual system specific)6,416
User-ID
User-IP mappings (management plane)512,000
User-IP mappings (data plane)128,000
Active and unique groups used in policy*1,000
Number of User-ID agents100
Monitored servers for User-ID100
Terminal server agents1,000
Tags per User*32
SSL Decryption
Max SSL inbound certificates75
SSL certificate cache (forward proxy)1,000
Max concurrent decryption sessions12,800
SSL Port MirrorYes
SSL Decryption BrokerNo
HSM SupportedNo
URL Filtering
Total entries for allow list, block list and custom categories25,000
Max custom categories2,849
Max custom categories (virtual system specific)500
Dataplane cache size for URL filtering90,000
Management plane dynamic cache size600,000
EDL
Max number of custom lists30
Max number of IPs per system50,000
Max number of DNS Domains per system1,000,000
Max number of URL per system100,000
Shortest check interval (min)5
Interfaces
Mgmt - out-of-band10/100/1000, RJ45/Micro USB console
Mgmt - 10/100/1000 high availability2
Mgmt - 40Gbps high availabilityNA
Mgmt - 10Gbps high availabilityNA
Traffic - 10/100/10004
Traffic - 100/1000/10000NA
Traffic - 1Gbps SFP8
Traffic - 10Gbps SFP+NA
Traffic - 40Gbps QSFPNA
802.1q tags per device4,094
802.1q tags per physical interface4,094
Max interfaces (logical and physical)1,024
Maximum aggregate interfaces6
Maximum SD-WAN virtual interfaces500
Virtual Routers
Virtual routers5
Virtual Wires
Virtual wires512
Virtual Systems
Base virtual systems1
Max virtual systems*NA
Routing
IPv4 forwarding table size*5,000
IPv6 forwarding table size*5,000
System total forwarding table size10,000
Max route maps per virtual router50
Max routing peers (protocol dependent)1,000
Static entries - DNS proxy1,024
Bidirectional Forwarding Detection (BFD) SessionsNA
L2 Forwarding
ARP table size per device3,000
IPv6 neighbor table size3,000
MAC table size per device3,000
Max ARP entries per broadcast domain3,000
Max MAC entries per broadcast domain3,000
NAT
Total NAT rule capacity3,000
Max NAT rules (static)*3,000
Max NAT rules (DIP)*3,000
Max NAT rules (DIPP)3,000
Max translated IPs (DIP)3,000
Max translated IPs (DIPP)*400
Default DIPP pool oversubscription*2
Address Assignment
DHCP servers5
DHCP relays*500*
Max number of assigned addresses64,000
High Availability
Devices supported2
Max virtual addresses48
QoS
Number of QoS policies250
Physical interfaces supporting QoS12
Clear text nodes per physical interface31
DSCP marking by policyYes
Subinterfaces supported1,024
IPSec VPN
Max IKE Peers1,000
Site to site (with proxy id)2,000
SD-WAN IPSec tunnels1,000
GlobalProtect Client VPN
Max tunnels (SSL, IPSec, and IKE with XAUTH)1,000
GlobalProtect Clientless VPN
Max SSL tunnels200
Multicast
Replication (egress interfaces)200
Routes1,500
Model bulunamadı.