PaloGuard - Enterprise Security Platforms (2024)

Table of Contents
PA 7000 Series PA-5450 PA-5200 Series PA-3200 Series PA-800 Series PA-400 Series PA-220/220R M-200 Front Panel: Back Panel: M-600 Front Panel: Back Panel: Panorama Management Software

PaloGuard - Enterprise Security Platforms (1)

See Also
PALOALTO NETWORKS PA-3400 SERIES HARDWARE REFERENCE MANUAL Pdf DownloadFront Panel DescriptionPaloGuard - Enterprise Security PlatformsPA-1400 Series Front Panel

PaloGuard - Enterprise Security Platforms (2)

See Also
PA-3400 Series Front Panel


Next-Generation Firewalls Family

Take a closer look at the hardware architecture of each PA-Series Next-Generation Firewall family by selecting from the “Select” menu above or one of the PA-Series buttons below. ML-Powered Next-Generation Firewall (NGFW) enables you to prevent unknown threats, see and secure everything—including the Internet of Things (IoT)—and reduce errors with automatic policy recommendations.

  • PA 220/220R
  • PA 400 Series
  • PA 800 Series
  • PA 3200 Series
  • PA 5200 Series
  • PA 5450 Firewall
  • PA 7000 Series

PaloGuard - Enterprise Security Platforms (3)

PA 7000 Series

Series Product Image Description
PA 7000 Series

PA-7050 Firewall

  • 120 Gbps firewall throughput (App-ID enabled)
  • 60 Gbps threat prevention throughput
  • 24 Gbps IPSec VPN throughput
  • 24,000,000 max sessions
  • 720,000 new sessions per second
  • 120,000 IPSec VPN tunnels/tunnel interfaces
  • 20,000 SSL VPN Users
  • 225 virtual routers
  • 25/225 virtual systems (base/max)
  • 900 security zones
  • 40,000 max number of policies

PA-7080 Firewall

  • 200 Gbps firewall throughput (App-ID enabled)
  • 100 Gbps threat prevention throughput
  • 80 Gbps IPSec VPN throughput
  • 1,200,000 max sessions
  • 80,000,000 new sessions per second
  • 225 virtual routers
  • 25/225 virtual systems (base/max)
  • 900 security zones

PA-5450

Series Product Image Description
PA-5450

PA-5450 Firewall

  • 200 Gbps firewall throughput (HTTP/appmix)
  • 125 Gbps Threat Prevention throughput
  • 95 Gbps IPsec VPN throughput
  • 100M Max sessions
  • 4M New sessions per second

PA-5200 Series

Series Product Image Description
PA-5200 Series

PA-5280 Firewall

  • 68 Gbps firewall throughput (App-ID enabled)
  • 30 Gbps Threat Prevention throughput
  • 24 Gbps IPsec VPN throughput
  • 64,000,000 max sessions
  • 462,000 new sessions per second
  • 225 virtual routers
  • 25/225 virtual systems (base/max)
PA-5260 Firewall

  • 72.3 Gbps firewall throughput (App-ID enabled)
  • 30.2 Gbps threat prevention throughput
  • 21 Gbps IPSec VPN throughput
  • 32,000,000 max sessions
  • 458,000 new sessions per second
  • 225 virtual routers
  • 25/225 virtual systems (base/max)

PA-5250 Firewall

  • 35.9 Gbps firewall throughput (App-ID enabled)
  • 20.4 Gbps threat prevention throughput
  • 14 Gbps IPSec VPN throughput
  • 8,000,000 max sessions
  • 348,000 new sessions per second
  • 125 virtual routers
  • 25/125 virtual systems (base/max)

PA-5220 Firewall

  • 18.5 Gbps firewall throughput (App-ID enabled)
  • 9.2 Gbps threat prevention throughput
  • 5 Gbps IPSec VPN throughput
  • 4,000,000 max sessions
  • 169,000 new sessions per second
  • 20 virtual routers
  • 10/20 virtual systems (base/max)

PA-3200 Series

Series Product Image Description
PA-3200 Series

PA-3220 Firewall

  • 5 Gbps firewall throughput (App-ID enabled)
  • 2.2 Gbps Threat Prevention throughput
  • 2.5 Gbps IPsec VPN throughput
  • 1,000,000 sessions
  • 58,000 new sessions per second
  • 4,000 IPsec VPN tunnels/tunnel interfaces
  • 1,024 SSL VPN Users
  • 10 virtual routers
  • 1/6 virtual systems (base/max)
  • 60 security zones
  • 2,500 max number of policies

PA-3250 Firewall

  • 6.3 Gbps firewall throughput
    (App-ID enabled)
  • 3 Gbps Threat Prevention throughput
  • 3.2 Gbps IPsec VPN throughput
  • 2,000,000 sessions
  • 94,000 new sessions per second
  • 6,000 IPsec VPN tunnels/tunnel interfaces
  • 2,048 SSL VPN Users
  • 10 virtual routers
  • 1/6 virtual systems (base/max)
  • 60 security zones
  • 5,000 max number of policies

PA-3260 Firewall

  • 8.8 Gbps firewall throughput
    (App-ID enabled)
  • 4.7 Gbps Threat Prevention throughput
  • 4.8 Gbps IPsec VPN throughput
  • 3,000,000 max sessions
  • 135,000 new sessions per second
  • 6,000 IPsec VPN tunnels/tunnel interfaces
  • 2,048 SSL VPN Users
  • 10 virtual routers
  • 1/6 virtual systems (base/max)
  • 60 security zones
  • 5,000 max number of policies

PA-800 Series

Series Product Image Description
PA 800 Series

PA-820 Firewall

  • 940 Mbps firewall throughput (App-ID enabled)
  • 610 Mbps threat prevention throughput
  • 400 Mbps IPSec VPN throughput
  • 128,000 max sessions
  • 8,300 new sessions per second
  • 1000 IPSec VPN tunnels/tunnel interfaces
  • 5 virtual routers
  • 30 security zones
  • 1,500 max number of policies

PA-850 Firewall

  • 1.9 Gbps firewall throughput (App-ID enabled)
  • 780 Mbps threat prevention throughput
  • 400 Mbps IPSec VPN throughput
  • 192,000 max sessions
  • 9,500 new sessions per second
  • 1000 IPSec VPN tunnels/tunnel interfaces
  • 5 virtual routers
  • 40 security zones
  • 1,500 max number of policies

PA-400 Series

Series Product Image Description
PA 400 Series

PA-440 Firewall


  • 3.0 Gbps firewall throughput (HTTP/appmix)
  • 1.6 Gbps Gbps IPsec VPN throughput
  • 200,000 Max sessions
  • 39,000 New sessions per second

PA-220/220R

Series Product Image Description
PA 200/220R

PA-220 Firewall


  • 500 Mbps firewall throughput (App-ID enabled)
  • 150 Mbps threat prevention throughput
  • 100 Mbps IPSec VPN throughput
  • 64,000 max sessions
  • 4,200 new sessions per second
  • 250 IPSec VPN tunnels/tunnel interfaces
  • 3 virtual routers
  • 15 security zones
  • 250 max number of policies

PA-220R Firewall


  • 500 Mbps firewall throughput
  • 150 Mbps Threat Prevention throughput
  • 100 Mbps IPsec VPN throughput
  • 64,000 max sessions
  • 4,200 new sessions per second
  • 1,000 IPsec VPN tunnels/tunnel interfaces
  • 3 virtual routers
  • 15 security zones
  • 250 max number of policies
Panorama Series Family

Panorama is a centralized management system that provides global visibility and control over multiple Palo Alto Networks next generation firewalls through an easy to use web-based interface. Panorama enables administrators to view aggregate or device-specific application, user, and content data and manage multiple Palo Alto Networks firewalls—all from a central location.

Security deployments can overload IT teams with complex security rules and data from multiple sources. Panorama offers easy-to-implement and centralized management features to gain insight into network-wide traffic and threats, and administer your firewalls everywhere.

The Palo Alto Networks® M-200 and M-600 appliances are multi-function appliances that you can configure to function in Panorama™ Management mode, Panorama Management-only mode, Panorama Log Collector mode, or PAN-DB Private Cloud mode.

  • M-200 Management Appliance
  • M-600 Management Appliance
  • Panorama Management Software

PaloGuard - Enterprise Security Platforms (25)

M-200

Front Panel:

PaloGuard - Enterprise Security Platforms (26)

Item

Component

Description

1

System drive

240GB solid-state drive (SSD) used to store the operating system files and system logs.

2

Unique Identification (UID) button

Use the UID feature to help you locate the appliance when you move from the front to the back of the equipment rack where the appliance is installed. When you push the UID button to enable the UID feature, both the front-panel System information LED and the back-panel UID LED illuminate bright blue to help you locate the appliance when you move between opposite sides of the equipment rack. Push the UID button again to deactivate these LEDs.

3

System information (overheat and UID) LED
  • Solid red—An overheat condition occurred.
  • Blinking red at the rate of one blink per second (1Hz)—A fan failure occurred.
  • Blinking red at the rate of four blinks per second (.25Hz)—One of the two power supplies is not providing power to the appliance (possibly because a power supply failed or because there is no power source connected to the power supply).
  • Solid blue—The UID feature is activated (see the UID button description).

4

Network activity LEDs

Blinking green indicates network activity.

5

Hard-disk drive (HDD) LED

Blinking yellow indicates IDE channel activity (SAS/SATA drive) on the front log drives.

6

Power LED

Solid green indicates that the appliance is powered on.

7

Reset button

Press this button to reboot the appliance.

8

Power button

Press this button to power on or power off the appliance. Powering off the appliance with this button puts the appliance in standby power mode. To completely power off the appliance, you must disconnect the AC power cords from both power supplies.

9

Hard-disk drives (HDDs)

Disk drive bays and HDDs used for log storage. By default, the M-200 ships with four HDDs installed in drive bays A1/A2 and B1/B2. Each pair of drives are in a RAID 1 configuration (A1-A2 is a RAID 1 pair and B1-B2 is a RAID 1 pair).

For details on storage capacity, refer to the Panorama Datasheet .

10

Hard-disk drive (HDD) LEDs

Status LEDs—two for each log drive:

  • Top LED—Flashing blue indicates drive activity.
  • Bottom LED—Solid red indicates a log drive failure.

Back Panel:


PaloGuard - Enterprise Security Platforms (27)

Item

Component

Description

1

Power supplies

Use the AC power supply inputs to connect power to the appliance. The second power supply is for redundancy.

2

Ethernet ports

Four RJ-45 10Mbps/100Mbps/1000Mbps Ethernet ports. While facing the back of the appliance, the ports are labeled as follows:

The port labels are located on top of the appliance.

  • Upper left—Management (MGT) port used for managing the appliance and for data traffic.
  • Upper right—Ethernet1/1
  • Lower left—Ethernet1/2
  • Lower right—Ethernet1/3

For information on configuring these ports, refer to the Panorama™ Administrator’s Guide on the Technical Documentation Portal for the release version running on your appliance. If the appliance is in PAN-DB mode, refer to the appropriate release-specific PAN-OS® Administrators Guide.

3

USB ports

Not used.

4

IPMI port

Not used.

5

Console port

Use this port to connect a management computer to the appliance using a 9-pin serial cable and terminal emulation software.

The console connection provides access to appliance boot messages, the Maintenance Recovery Tool (MRT), and the command line interface (CLI).

If your management computer does not have a serial port, use a USB-to-serial converter.

Use the following settings to configure your terminal emulation software to connect to the console port:

  • Data rate: 9600

  • Data bits: 8

  • Parity: None

  • Stop bits: 1

  • Flow control: None

6

Unique Identification (UID) LED

UID LED that illuminates bright blue when you push the UID button on the front of the appliance.

For information on using the UID feature, see the UID button description for the M-200 Appliance Front Panel .

PaloGuard - Enterprise Security Platforms (28)

M-600

Front Panel:

PaloGuard - Enterprise Security Platforms (29)

Item

Component

Description

1

Power button

Press this button to power on or power off the appliance. Powering off the appliance with this button puts the appliance in standby power mode. To completely power off the appliance, you must disconnect the AC power cords from both power supplies.

2

Reset button

Press this button to reboot the appliance.

3

Power LED

Solid green indicates that the appliance is powered on.

4

Power failure LED

Solid red indicates that either a power supply failed or that there is no power source connected to a power supply.

5

Hard-disk drive (HDD) LED

Blinking yellow indicates IDE channel activity (SAS/SATA drive) on the front log drives.

6

System information (overheat and UID) LED
  • Solid red—An overheat condition occurred.
  • Blinking red at the rate of one blink per second (1Hz)—A fan failure occurred.
  • Blinking red at the rate of four blinks per second (.25Hz)—One of the two power supplies is not providing power to the appliance (possibly because a power supply failed or because there is no power source connected to the power supply).
  • Solid blue—The UID feature is activated (see the UID button description for the M-600 Appliance Back Panel .)

7

Hard-disk drives (HDDs)

Disk drive bays and HDDs used for log storage. By default, the M-600 ships with four HDDs installed in drive bays A1/A2 and B1/B2. You can install up to eight additional drives (four additional RAID 1 pairs) in the remaining drive bays (C1/C2, D1/D2, E1/E2, and F1-F2) to increase log storage capacity.

Each pair of drives are in a RAID 1 configuration. For example, A1-A2 is a RAID 1 pair and B1-B2 is a RAID 1 pair.

For details on storage capacity, refer to the Panorama Datasheet . For details on adding additional storage to the appliance, refer the Panorama Administrator’s Guide on the Technical Documentation Portal for the release version running on your appliance.

8

Hard-disk drive (HDD) LEDs

Status LEDs—two for each log drive:

  • Top LED—Flashing blue indicates drive activity.
  • Bottom LED—Solid red indicates a log drive failure.

Back Panel:


PaloGuard - Enterprise Security Platforms (30)

Item

Component

Description

1

System drive

240GB solid-state drive (SSD) used to store the operating system files and system logs.

2

Power supplies

Use the AC power supply inputs to connect power to the appliance. The second power supply is for redundancy.

3

Ethernet ports

Four RJ-45 10Mbps/100Mbps/1000Mbps Ethernet ports. While facing the back of the appliance, the ports are labeled as follows:

The port labels are located on top of the appliance.

  • Upper left—Management (MGT) port used for managing the appliance and for data traffic.
  • Upper right—Ethernet1/1
  • Lower left—Ethernet1/2
  • Lower right—Ethernet1/3

For information on configuring these ports, refer to the Panorama™ Administrator’s Guide on the Technical Documentation Portal for the release version running on your appliance. If the appliance is in PAN-DB mode, refer to the appropriate release-specific PAN-OS® Administrators Guide.

4

USB ports

Not used.

5

IPMI port

Not used.

6

Console port

Use this port to connect a management computer to the appliance using a 9-pin serial cable and terminal emulation software.

The console connection provides access to appliance boot messages, the Maintenance Recovery Tool (MRT), and the command line interface (CLI).

If your management computer does not have a serial port, use a USB-to-serial converter.

Use the following settings to configure your terminal emulation software to connect to the console port:

  • Data rate: 9600

  • Data bits: 8

  • Parity: None

  • Stop bits: 1

  • Flow control: None

7

Unique Identification (UID) button and LED

Use the UID feature to help you locate the appliance when you move from the back to the front of the equipment rack where the appliance is installed. When you push the UID button to enable the UID feature, both the front-panel System information LED and the back-panel UID LED illuminate bright blue to help you locate the appliance when you move between opposite sides of the equipment rack. The back-panel UID LED is located to the right of the UID button. Push the UID button again to deactivate these LEDs.

The UID button is very small and is located to the left of the UID LED. Use a small object, such as a paper clip, to press the button.

8

SFP+ ports

Two SFP+ (10Gbps) ports. While facing the back of the appliance, the left port is labeled Ethernet1/5 and the right port is labeled Ethernet1/4.

The port labels are located on top of the appliance.

For information on configuring these ports, refer to the Panorama™ Administrator’s Guide on the Technical Documentation Portal for the release running on your appliance. If the appliance is in PAN-DB mode, refer to the appropriate release-specific PAN-OS® Administrators Guide.

PaloGuard - Enterprise Security Platforms (31)


Panorama Management Software

Panorama Specifications
Number of Devices Supported Up to 1,000
Administrator Authentication Local database, RADIUS
High Availability Active/Passive
Log Storage Maximum of 2 Terabytes (TB)
Command Line Interface SSHv2, Telnet or Console
Web Interface HTTPS, HTTP
Device Connection SSLv2
Management Tools and APIS
  • Graphical User Interface (GUI)
  • Command Line Interface (CLI)
  • XML-Based Rest API
Virtual Appliance Specifications
Minimum Server Hardware Requirements
  • 40 GB
  • 4 GB RAM
  • Quad-Core CPU (2GHz+)
VMware Support VMware ESX 4.1 or greater
Browser Support
  • IE v7 or greater
  • Firefox v3.6 or greater
  • Safari v5.0 or greater
  • Chrome v11.0 or greater
Log Storage
  • VMware Virtual Disk: 2TB maximum
  • NFS
PaloGuard - Enterprise Security Platforms (2024)
Top Articles
23 Brilliant Barefoot Contessa Recipes To Try At Home
Cafe Rio Recipes - All the Best in One Place!
Charlotte Rubratings
Hotel Denizen Mckinney
Hannah Palmer Listal
Arnold Schwarzenegger | Rotten Tomatoes
Ocala Skip The Games
Santucci's Knights Road
Julia Roberts Wikipedia Pl
Socialserve Com Georgia
Truck Trader Ohio
Much of U.S. Bakes as Some Cities Break Temperature Records
Latest Posts
Reuben Sandwich Recipe on Marble Rye - Striped Spatula
Classic Chicago Italian Beef Sandwich Recipe Done At Home
Article information

Author: Van Hayes

Last Updated:

Views: 6162

Rating: 4.6 / 5 (66 voted)

Reviews: 89% of readers found this page helpful

Author information

Name: Van Hayes

Birthday: 1994-06-07

Address: 2004 Kling Rapid, New Destiny, MT 64658-2367

Phone: +512425013758

Job: National Farming Director

Hobby: Reading, Polo, Genealogy, amateur radio, Scouting, Stand-up comedy, Cryptography

Introduction: My name is Van Hayes, I am a thankful, friendly, smiling, calm, powerful, fine, enthusiastic person who loves writing and wants to share my knowledge and understanding with you.