Performance without compromising security

Redefining high-performance network security

PA-7000 Series next-generation firewalls enable large organizations and service providers to secure high-performance, business-critical environments, such as large data centers and high-bandwidth network perimeters.

Perfect blend of performance, intelligence and simplicity

Why settle for trade-offs between rock-solid security and blazing performance? PA-7000 Series appliances block known and unknown threats – including malware, exploits, and command and control – with extremely high performance.

The PA-7000 Series blends ultra-efficient software with more than 1,500 function-specific processors for networking, security, content inspection and management. The all-new Network Processing Cards in the PA-7080 deliver 35 Gbps of App-ID™ technology throughput, and each chassis supports up to ten NPCs!


Secure your networks without holding back the business

PA-7000 Series appliances protect your business with a prevention-focused architecture and integrated innovations that are easy to deploy and use – so you can cut risks and speed growth at the same time.


Classify all applications on all ports, all the time

PA-7000 Series appliances identify the application, regardless of port, SSL/SSH encryption or evasive technique employed, and use the application – not the port – as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect and apply traffic-shaping. They also categorize unidentified applications for policy control, threat forensics or custom App-ID development.

Learn more

Enforce security policies for any user at any location

The PA-7000 Series NGFWs are integrated to facilitate policy deployment and enforcement. You can deploy consistent policies to local and remote users running on Windows®, macOS®, Linux, Android® or Apple iOS platforms. You get agentless integration with Microsoft Active Directory® and Terminal Services, LDAP, Novell eDirectory™ and Citrix. You can also integrate your firewall policies easily with 802.1X wireless, proxies, network access control and other sources of user identity information.

Prevent known and unknown threats

PA-7000 Series appliances block a range of threats, including exploits, malware and spyware, across all ports, regardless of common evasion tactics employed. They limit the unauthorized transfer of files and sensitive data to safely enable non-work-related web surfing. They also identify unknown malware, analyze it based on hundreds of malicious behaviors, and then automatically create and deliver protection.

Learn what’s new

The PA-7000 Series family


  • 630/720 Gbps firewall throughput1
  • 610 Gbps Threat Prevention throughput (DSRI enabled)2
  • 294/350 Gbps Threat Prevention throughput3
  • 240 Gbps IPsec VPN throughput4
  • 320 M max sessions
  • 4.8 M new sessions per second
  • 25/225 virtual systems (base/max)5


  • 380/430 Gbps firewall throughput1
  • 366 Gbps Threat Prevention throughput (DSRI enabled)2
  • 176/210 Gbps Threat Prevention throughput3
  • 144 Gbps IPsec VPN throughput4
  • 192 M max sessions
  • 2.9 M new sessions per second
  • 25/225 virtual systems (base/max)5

1. Firewall throughput is measured with App-ID and logging enabled, utilizing 64KB HTTP/appmix transactions
2. Disable Service Response Inspection (DSRI) Threat Prevention throughput is measured with App-ID, IPS, antivirus and anti-spyware enabled, utilizing 64KB HTTP transactions
3. Threat Prevention throughput is measured with App-ID, IPS, antivirus, anti-spyware, WildFire and logging enabled, utilizing 64KB HTTP/appmix transactions
4. IPsec VPN throughput is measured with 64KB HTTP transactions
5. Adding virtual systems to the base quantity requires a separately purchased license


Request your Security Lifecycle Review (SLR)

The SLR examines your network traffic and generates a comprehensive report unique to your organization to help you discover the applications and threats exposing vulnerabilities in your security posture. Request now



Are you ready to take the
Ultimate Test Drive?

If you're ready to take the test drive, pick the best time for you below!

All times are displayed in Pacific time.