Palo Alto Networks PA-220R is a ruggedized ML-Powered Next-Generation Firewall that brings next-generation capabilities to industrial applications in harsh environments.
The PA-220R ruggedized appliance secures industrial and defense networks in a range of harsh environments, such as utility substations, power plants, manufacturing plants, oil and gas facilities, building management systems, and healthcare networks.
Key Security and Connectivity Features
Classifies all applications, on all ports, all the time
- Employs App-IDs for industrial protocols and applications, such as Modbus, DNP3, IEC 60870-5-104, Siemens S7, OSIsoft PI®, and more.
- Identifies the application, regardless of port, SSL/SSH encryption, or evasive technique employed.
- Uses the application, not the port, as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect, and apply traffic-shaping.
- Categorizes unidentified applications for policy control, threat forensics, or App-ID™ technology development.
- Provides full visibility into the details of all TLS-encrypted connections and stops threats hidden in encrypted traffic, including traffic that uses TLS 1.3 and HTTP/2 protocols.
Enforces security policies for any user, at any location
- Deploys consistent policies to local and remote users running on the Windows®, macOS®, Linux, Android®, or Apple iOS platforms.
- Enables agentless integration with Microsoft Active Directory® and Terminal Services, LDAP, Novell eDirectory™, and Citrix.
- Easily integrates your firewall policies with 802.1X wireless, proxies, network access control, and any other source of user identity information.
Extends native protection across all attack vectors with cloud-delivered security subscriptions
- Threat Prevention—inspects all traffic to automatically block known vulnerabilities, malware, vulnerability exploits, spyware, command and control (C2), and custom intrusion prevention system (IPS) signatures.
- WildFire® malware prevention—protects against unknown file-based threats, delivering automated prevention in seconds for most new threats across networks, endpoints, and clouds.
- URL Filtering—prevents access to malicious sites and protects users against web-based threats.
- DNS Security—detects and blocks known and unknown threats over DNS while predictive analytics disrupt attacks using DNS for C2 or data theft.
- IoT Security—discovers all unmanaged devices in your network, identifies risks and vulnerabilities, and automates enforcement policies for your Next-Generation Firewall using a new Device-ID™ policy construct.
Enables SD-WAN functionality
- Allows you to easily adopt SD-WAN by simply enabling it on your existing firewalls.
- Enables you to safely implement SD-WAN, natively integrated with our industry-leading security.
- Delivers an exceptional end user experience by minimizing latency, jitter, and packet loss.
