PA-220R

Prevent threats, enable applications in harsh environments

Ruggedized for industrial applications

The PA-220R is a next-generation firewall appliance in a ruggedized form factor, providing rock-solid network security for severe environments, such as utility substations, power plants, manufacturing plants, oil and gas facilities, building management systems and healthcare networks.

Protection, visibility and control where you need it most

The ruggedized PA-220R next-generation firewall brings you the same PAN-OS® features that protect your largest data centers, offers an extended temperature range and is certified to IEEE 1613 and IEC 61850-3 standards for vibration, temperature and immunity to electromagnetic interference. It provides interactive visibility and control of industrial protocols and applications such as Modbus, DNP3, IEC 60870-5-104, Siemens S7, OSIsoft® PI and more.



Combines simplicity and unparalleled reliability

The PA-220R provides dual DC power inputs and high availability configuration for increased reliability, a fanless design and solid-state storage for quiet operation, and no moving parts for increased reliability. It simplifies the deployment of large numbers of firewalls through its bootstrapping feature and USB port.

Classifies all applications, on all ports, all the time

The PA-220R identifies any application, regardless of port, encryption (SSL or SSH) or evasive technique employed, and uses the application – not the port – as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect and apply traffic-shaping. It also categorizes unidentified applications for policy control, threat forensics or custom App-ID development.

Enforces security policies for any user, at any location

The PA-220R lets you deploy consistent policies to local and remote users running on Windows®, macOS®, Linux, Android® or Apple® iOS platforms. You get agentless integration with Microsoft® Active Directory® and Terminal Services, LDAP, Novell® eDirectory and Citrix®, and you can integrate your firewall policies easily with 802.1X wireless, proxies, network access control and other sources of user identity.

Prevents known and unknown threats

The PA-220R blocks a range of threats, including exploits, malware and spyware, across all ports, regardless of common threat-evasion tactics employed. It limits the unauthorized transfer of files and sensitive data to safely enable non-work-related web surfing. It also identifies unknown malware, analyzes it based on hundreds of malicious behaviors, and then automatically creates and delivers protection.

Read More

The PA-220R

The PA-220R

  • 500 Mbps firewall throughput1
  • 150 Mbps Threat Prevention throughput2
  • 100 Mbps IPsec VPN throughput
  • 64,000 max sessions
  • 4,200 new sessions per second3
  • 1,000 IPsec VPN tunnels/tunnel interfaces
  • 3 virtual routers
  • 15 security zones
  • 250 max number of policies

1. Firewall throughput measured with App-ID and logging enabled, utilizing 64KB HTTP transactions

2. Threat Prevention throughput measured with App-ID, IPS, antivirus, anti-spyware, WildFire and logging-enabled, utilizing 64KB HTTP transactions

3. New sessions per second measured with application-override, utilizing 1-byte HTTP transactions

 

Request your Security Lifecycle Review

The SLR examines your network traffic and generates a comprehensive report unique to your organization to help you discover the applications and threats exposing vulnerabilities in your security posture. Request now

 

 

Are you ready to take the
Ultimate Test Drive?

If you're ready to take the test drive, pick the best time for you below!

All times are displayed in Pacific time.


Learn


Evaluate


Implement