Palo Alto Networks Enterprise Firewall PA-7050

Palo Alto Networks Enterprise Firewall PA-7050

The PA-7050 protects datacenters and high-speed networks with firewall throughput of up to 120 Gbps and, fullthreat prevention at speeds of up to 100 Gbps. To address the computationally intensive nature of full-stack classification and analysis at speeds of 120 Gbps, more than 400 processors are distributed across networking, security, switch managementand logging functions. The result is that the PA-7050 allows you to deploy next-generation security in your datacenters without compromising performance.

  • 120 Gbps firewall throughput (App-ID enabled)
  • 60 Gbps threat prevention throughput
  • 24 Gbps IPSec VPN throughput
  • 24,000,000 max sessions
  • 720,000 new sessions per second
  • 120,000 IPSec VPN tunnels/tunnel interfaces
  • 20,000 SSL VPN Users
  • 225 virtual routers
  • 25/225 virtual systems (base/max)
  • 900 security zones
  • 40,000 max number of policies
Liên hệ mua hàng

Tư vấn, hỏi giá, Mua hàng: Vui lòng gọi

HOTLINE: 0913324060

Đặt hàng: info@emerald.com.vn

Hàng chính hãng

Giao hàng ngay (Nội thành TP.HCM)

Nhân viên Kinh Doanh

  • Ms Sang: 0913 324 060
  • Mr Huy: 0929 668 446
  • Mr.Kha: 0358.223.136

Tư vấn kỹ thuật:

  • Mr Huy - 0929 668 446
Model PA-7050 System PA-7000-20G-NPC
PA-7050 System PA-7000-20G-NPC
Performance and Capacities Specifications
Firewall throughput (App-ID enabled) 120 Gbps 20 Gbps
Threat prevention throughput (DSRI Enabled2) 100 Gbps 16 Gbps
Threat prevention throughput 60 Gbps 10 Gbps
IPSec VPN throughput 24 Gbps 4 Gbps
New sessions per second 720,000 120,000
Max sessions 24,000,000 4,000,000
Virtual routers 225 225
Virtual systems (base/max3) 25/225 N/A
Security zones 900 900
Max. number of policies 40,000 40,000
Hardware Specifications
I/O (72) 10/100/1000, (48) Gigabit SFP, (24) 10 Gigabit SFP+ (12) 10/100/1000, (8) Gigabit SFP, (4) 10 Gigabit SFP+ (Each PA-7050 supports up to six NPCs)
Management I/O ((2) 10/100/1000+(2) 40Gbps high availability,
(1) 10/100/1000 out-of-band management, (1) RJ45 console port
Storage Options 80GB SSD System Drive + 4x1TB HDD on Log Processing Card
Storage Capacity 2TB RAID1
Power supply (Avg/max power consumption) 4x2500W AC (2400W / 2700W) 4x2500W AC (2400W / 2700W)
Max BTU/HR 9,213 9,213
Input Voltage (Input Frequency) 200-240VAC (50-60Hz)
Max Current Consumption 12A@240VAC
Max Inrush Current 200A
Dimensions 15.75"H x 19"W x 24"D
Weight (Stand alone device/as shipped) 184Lbs
Safety UL, CUL, CB
EMI FCC Class A, CE Class A, VCCI Class A
Certifications NEBS Level 3 (pending)
Environment
Operating temperature 32° to 122° F, 0° to 50° C
Non-operating temperature -4° to 158° F, -20° to 70° C


Networking Specifications:
 

Interface Modes
  • L2, L3, Tap, Virtual wire (transparent mode)

Routing

  • OSPFv2/v3, BGP with graceful restart, RIP, static routing
  • Policy-based forwarding
  • Point-to-Point Protocol over Ethernet (PPPoE)
  • Multicast: PIM-SM, PIM-SSM, IGMP v1, v2, and v3

IPV6

  • L2, L3, tap, virtual wire (transparent mode)
  • Features: App-ID, User-ID, Content-ID, WildFire and SSL decryption

IPSEC VPN

  • Key Exchange: Manual key, IKE v1 (Pre-shared key, certificate-based authentication)
  • Encryption: 3DES, AES (128-bit, 192-bit, 256-bit)
  • Authentication: MD5, SHA-1, SHA-256, SHA-384, SHA-512
 VLANS
  • 802.1q VLAN tags per device/per interface: 4,094/4,094
  • Aggregate interfaces (802.3ad)

Network Address Translation (NAT):

  • NAT modes (IPv4): static IP, dynamic IP, dynamic IP and port (port address translation)
  • NAT64
  • Additional NAT features: Dynamic IP reservation, dynamic IP and port oversubscription

High-Availability

  • Modes: Active/Active, Active/Passive
  • Failure detection: Path monitoring, Interface monitoring


Security Specifications:
 

Firewall
  • Policy-based control over applications, users and content
  • Fragmented packet protection
  • Reconnaissance scan protection
  • Denial of Service (DoS)/Distributed Denial of Services (DDoS) protection
  • Decryption: SSL (inbound and outbound), SSH

Wildfire

  • Identify and analyze targeted and unknown files for more than 100 malicious behaviors
  • Generate and automatically deliver protection for newly discovered malware via signature updates
  • Signature update delivery in less than 1 hour, integrated logging/reporting; access to WildFire API for programmatic submission of up to 100 samples per day and up to 1,000 report queries by file hash per day (Subscription Required)

File and Data Filtering

  • File transfer: Bi-directional control over more than 60 unique file types
  • Data transfer: Bi-directional control over unauthorized transfer of CC# and SSN
  • Drive-by download protection

User Integration (User-ID)

  • Microsoft Active Directory, Novell eDirectory, Sun One and other LDAP-based directories
  • Microsoft Windows Server 2003/2008/2008r2, Microsoft Exchange Server 2003/2007/2010
  • Microsoft Terminal Services, Citrix XenApp
  • XML API to facilitate integration with non-standard user repositories

IPSEC VPN (Site-To-Site)

  • Key Exchange: Manual key, IKE v1
  • Encryption: 3DES, AES (128-bit, 192-bit, 256-bit)
  • Authentication: MD5, SHA-1, SHA-256, SHA-384, SHA-512
  • Dynamic VPN tunnel creation (GlobalProtect)
 Threat Prevention (Subscription Required)
  • Application, operating system vulnerability exploit protection
  • Stream-based protection against viruses (including those embedded in HTML, Javascript, PDF and compressed), spyware, worms
URL Filtering (Subscription Required)
  • Pre-defined and custom URL categories
  • Device cache for most recently accessed URLs
  • URL category as part of match criteria for security policies
  • Browse time information

Quality of Service (QOS)

  • Policy-based traffic shaping by application, user, source, destination, interface, IPSec VPN tunnel and more
  • 8 traffic classes with guaranteed, maximum and priority bandwidth parameters
  • Real-time bandwidth monitor
  • Per policy diffserv marking
  • Physical interfaces supported for QoS: 6

SSL VPN/Remote Access (GlobalProtect)

  • GlobalProtect Gateway
  • GlobalProtect Portal
  • Transport: IPSec with SSL fall-back
  • Authentication: LDAP, SecurID, or local DB
  • Client OS: Mac OS X 10.6, 10.7 (32/64 bit), 10.8 (32/64 bit), Windows XP, Windows Vista (32/64 bit), Windows 7 (32/64 bit)
  • Third party client support: Apple iOS, Android 4.0 and greater, VPNC IPSec for Linux

Management, Reporting, Visibility Tools

  • Integrated web interface, CLI or central management (Panorama)
  • Multi-language user interface
  • Syslog, Netflow v9 and SNMP v2/v3
  • XML-based REST API
  • Graphical summary of applications, URL categories, threats and data (ACC)
  • View, filter and export traffic, threat, WildFire, URL, and data filtering logs
  • Fully customizable reporting

* Adding virtual systems to the base quantity requires a separately purchased license.
1Performance and capacities are measured under ideal testing conditions using PAN-OS 6.0.
2DSRI = Disable Server Response Inspection.
3Adding virtual systems to the base quantity requires a separately purchased license.

PA-7050 Base AC Hardware Bundle. Includes AC Chassis, 4xAC power supplies, 2xFan Trays, Fan Filter, system cards, or optional upgraded system cards
#PAN-PA-7050-AC-SYS

PA-7050 Base DC Hardware Bundle. Includes DC Chassis, 4xDC power supplies, 2xFan Trays, Fan Filter, system cards, or optional upgraded system cards
#PAN-PA-7050-DC-SYS
 

Tường lửa Security Bảo mật Palo Alto NGFW
EmeraldETL