PA-4000 Series Firewall
The PA-4000 Series is a next-generation firewall that combines policy-based application visibility and control with real-time threat prevention and purpose-built performance to protect traffic flowing through the Internet gateway.
Key features and benefits of the PA-4000 Series include:

- Application-centric traffic classification: A patent-pending traffic classification technology called App-ID™ accurately identifies applications traversing the network irrespective of port, protocol, SSL encryption or evasive tactic, giving administrators unprecedented visibility into, and control over, their application traffic.
- SSL inspection: Identifies and decrypts applications that use SSL, enabling policy-based visibility into and control over the ever-increasing amounts of SSL traffic.
- Application visibility: A rich set of graphical visibility tools, customizable reporting and logging shows administrators which applications are traversing the network in a clear and concise manner for rapid interpretation. Armed with this information, administrators can make a more informed decision on how to treat the application.
- Policy-based application control: Policy-based application control is enabled using a policy editor that takes full advantage of existing firewall knowledge and the application browser, an integral component of the policy editor that gives administrators the information needed to answer the questions "what is this application?" and "how should it be treated?" Using the application browser, administrators can quickly research an application and immediately translate the results into a security policy.
- User-based visibility and control: Seamless integration with Microsoft Active Directory (AD) facilitates application visibility and policy creation based on user and group information in AD, not just IP address.
- Real-time threat prevention: Detects and blocks viruses, spyware, worms and application vulnerabilities in real time, dramatically improving performance and accuracy.
- High performance: Purpose-built platform with dedicated processing for networking, security, threat prevention and management delivers the performance required to protect today’s high-speed networks and eliminate security bottlenecks commonly associated with computationally intensive security applications.
- Networking architecture: Robust networking architecture including site-to-site IPSec VPN connectivity enables flexible deployment in nearly any networking environment. Virtual wire mode (completely transparent to surrounding devices) allows two ports to be paired so that all traffic coming in one port will, if allowed by policy, be sent out the other. Layer 2 and layer 3 features include full 802.1Q VLAN support so that all services can be provided without interfering with the existing VLAN architecture.

The PA-4000 Series is available in two models:

- PA-4020: The PA-4020 delivers 2 Gbps of firewall throughput and 2 Gbps of threat prevention throughput.
- PA-4050: The PA-4050 delivers 10 Gbps of firewall throughput and 5 Gbps of threat prevention throughput.

"The visibility and control that Palo Alto Networks gives us has allowed us to re-write and enforce our acceptable application usage policies."
Michael Hamilton
CISO
City of Seattle