Data Center Firewall

High-Performance Data Center Firewall

The data center is the heart and soul of the enterprise, acting as the location that touches all business applications and transactions. Yet network security solutions struggle to protect the data flowing in and out of the datacenter.

At one time, data center applications were restricted to internal networks where ample bandwidth was available and delays or latency issues had little or no effect on business. Times have changed in several respects. Data center applications must now deal with traffic from internal and external sources and the transaction size has shrunk – due to the HTTP-centric nature of most applications. Unlike ever before, the nature of the business today is online and real-time -- latency, performance degradation or unplanned outages are unacceptable.

These traffic characteristics, combined with the need to protect applications against vulnerability exploits, place an unprecedented strain on existing security infrastructure in terms of performance. Simply put, today’s port-centric, cobbled-together solution alternatives cannot keep pace.

Palo Alto Networks' Enterprise Firewalls

Palo Alto Networks’ next generation firewall addresses these issues with the SP3 Architecture which combines single pass software with parallel processing hardware to deliver the perfect mix of raw throughput, transaction processing and vulnerability protection  that today’s high performance data centers require.

  • Single pass software: Traffic touches each of the functional areas only once, passing through networking, application classification, user classification, and threat prevention in a single pass. In the data center, the single pass software, combined with the purpose-built platform delivers high performance firewall and vulnerability protection (IPS).
  • Parallel processing: The purpose-built hardware platform utilizes function-specific processing for networking, security, threat prevention and management to maximize performance while a 10 Gbps backplane eliminates potential bottlenecks often found in other security offerings.
  • Separation of control and data planes: To ensure that management access is always available, irrespective of the traffic or management load, the data plane and control plane are completely separated with their own processing, an industry first for the firewall market.

Read more about the Palo Alto Networks Single Pass Parallel Processing Architecture.