Palo Alto Networks PA-7000 Series ML-Powered Next-Generation Firewalls enable enterprise-scale organizations and service providers to deploy security in high-performance environments, such as large data centers and high-bandwidth network perimeters. Designed to handle growing throughput needs for application-, user-, and device-generated data, these systems offer amazing performance, prevention capabilities to stop the most advanced cyberattacks, and high-throughput decryption to stop threats hiding under the veil of encryption. Built to maximize security-processing resource utilization and automatically scale as new computing power becomes available, the PA-7000 Series offers simplicity defined by a single-system approach to management and licensing.
Key Security Features
Classifies all applications, on all ports, all the time
- Identifies the application, regardless of port, SSL/SSH encryption, or evasive technique employed.
- Uses the application, not the port, as the basis for all your safe enablement policy decisions.
- Categorizes unidentified applications for policy control, threat forensics, or App-ID™ technology development.
- Provides full visibility into the details of all TLS-encrypted connections and stops threats hidden in encrypted traffic, including traffic that uses TLS 1.3 and HTTP/2 protocols
Enforces security policies for any user, at any location
- Deploys consistent policies to Windows®, macOS®, Linux, Android®, or Apple iOS platforms.
- Enables agentless integration with Microsoft Active Directory® and Terminal Services, LDAP, Novell eDirectory™, and Citrix.
- Easily integrates your firewall policies with 802.1X wireless, proxies, network access control, and any other source of user identity information.
Extends native protection across all attack vectors with cloud-delivered security subscriptions
- Threat Prevention—inspects all traffic to automatically block known vulnerabilities, malware, vulnerability exploits, spyware, command and control (C2), and custom intrusion prevention system (IPS) signatures.
- WildFire® malware prevention—protects against unknown file-based threats, delivering automated prevention in seconds for most new threats across networks, endpoints, and clouds.
- URL Filtering—prevents access to malicious sites and protects users against web-based threats.
- DNS Security—detects and blocks known and unknown threats over DNS while predictive analytics disrupt attacks using DNS for C2 or data theft.
- IoT Security—discovers all unmanaged devices in your network, identifies risks and vulnerabilities, and automates enforcement policies for your ML-Powered NGFW using a new Device-ID™ policy construct.