PA-220

Prevent threats, enable applications

Next-generation firewall in a small footprint

The PA-220 is a next-generation firewall appliance in a small form factor that secures networks by preventing a broad range of cyber threats while safely enabling applications.

Visibility, control and power to prevent network threats

The PA-220 desktop form factor brings the same PAN-OS® features that protect your largest data centers – including high availability with active/active and active/passive modes – to small organizations and remote or branch offices. It provides interactive visibility and control of applications, users and content at throughput speeds up to 500 Mbps.






Combines simplicity and unparalleled reliability

The PA-220 provides dual DC power inputs and high availability configuration for increased reliability, a fanless design and solid-state storage for quiet operation, and no moving parts for increased reliability. It simplifies the deployment of large numbers of firewalls through its bootstrapping feature and USB port.

Learn more

Classifies all applications, on all ports, all the time

The PA-220 identifies any application, regardless of port, encryption (SSL or SSH) or evasive technique employed, and uses the application – not the port – as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect and apply traffic-shaping. It also categorizes unidentified applications for policy control, threat forensics or custom App-ID development.

Enforces security policies for any user, at any location

The PA-220 lets you deploy consistent policies to local and remote users running on Windows®, macOS®, Linux, Android® or Apple® iOS platforms. You get agentless integration with Microsoft® Active Directory® and Terminal Services, LDAP, Novell® eDirectory and Citrix®, and you can integrate your firewall policies easily with 802.1X wireless, proxies, network access control and other sources of user identity.

Prevents known and unknown threats

The PA-220 blocks a range of threats, including exploits, malware and spyware, across all ports, regardless of common threat-evasion tactics employed. It limits the unauthorized transfer of files and sensitive data to safely enable non-work-related web surfing. It also identifies unknown malware, analyzes it based on hundreds of malicious behaviors, and then automatically creates and delivers protection.

The PA-220

1. Firewall throughput measured with App-ID and logging enabled, utilizing 64KB HTTP transactions

2. Threat Prevention throughput measured with App-ID, IPS, antivirus, anti-spyware, WildFire and logging-enabled, utilizing 64KB HTTP transactions

3. New sessions per second measured with application-override, utilizing 1-byte HTTP transactions

 

Request your Security Lifecycle Review

The SLR examines your network traffic and generates a comprehensive report unique to your organization to help you discover the applications and threats exposing vulnerabilities in your security posture. Request now

 

 

Are you ready to take the
Ultimate Test Drive?

If you're ready to take the test drive, pick the best time for you below!

All times are displayed in Pacific time.


Learn


Evaluate


Implement