Palo Alto Networks PA-3430 - Security appliance - 40GbE, 100GbE, 5GbE, 2.5GbE, 25GbE - front to back airflow - 1U - rack-mountable

Description

Centralized management and visibility

Centralized management, configuration and visibility for a multitude of distributed Palo Alto Networks NGFWs (regardless of location and scope) within a unified Panorama user interface. Simplified configuration sharing in Panorama using templates and device groups, and scalable log collection as requirements grow. Application Command Center (ACC) for in-depth visibility and comprehensive information on network traffic and threats.

Next-generation firewall driven by machine learning

Integrating machine learning (ML) into the firewall's DNA to provide inline, signature-free prevention against file-based attacks, while immediately identifying and blocking as-yet-unknown phishing attempts. Leverage cloud-based ML processes to instantly send signatures and instructions back to the NGFW. Automate policy recommendations to save time and reduce the risk of human error.

Identify and categorize all applications, on all ports, at any time, and fully inspect the L7 layer

Identification of applications traversing your network, regardless of port, protocol, bypass techniques or encryption (TLS/SSL), automatic discovery and securing of new applications to keep pace with the SaaS explosion, thanks to SaaS Security service subscription. Use the application, not the port, as the basis for all your secure activation and authorization policies (allow, deny, schedule, inspect, prioritize traffic, etc.). Ability to create custom App-ID tags for proprietary applications, or ask Palo Alto Networks to develop an App-ID for new applications. Identification of all payloads in the application (files, data models, etc.) to block malicious files and thwart data exfiltration attempts. Creation of standard and customized application usage reports (including SaaS applications) to provide an overview of all authorized and unauthorized SaaS traffic on your network. Integrated Policy Optimizer functionality for secure migration of existing L4-layer rules to App-ID-based rules, resulting in a more secure and manageable set of rules.

Enhanced user security, regardless of location or device, while adapting policies to user activity

Visibility, security policies, reporting and forensic analysis on users and groups, not just IP addresses. Simple integration with a wide range of repositories to leverage user information (wireless LAN controllers, VPNs, directory servers, SIEMs, proxies, etc.). Definition of DUGs (Dynamic User Groups) on the firewall to trigger rapid security actions without waiting for changes to be made to user directories. Application of consistent policies regardless of user location (office, home, travel, etc.) and devices used (iOS and Android mobile devices, macOS, Windows, Linux desktops, laptops, Citrix and Microsoft VDI, terminal servers, etc.). Multi-factor authentication (MFA) can be activated on the network layer, for any application and without any modification to it, to prevent corporate credentials from being entered on third-party websites and stolen credentials from being reused. Dynamic, behavior-based security actions to neutralize suspicious or malicious users. Authentication and authorization of user access, regardless of login location and identity store location, to accelerate the adoption of Zero Trust policies thanks to Cloud Identity Engine, a revolutionary cloud architecture optimizing identity-based security.

Block malicious activity hidden in encrypted traffic

Inspection and policy enforcement of encrypted inbound and outbound TLS/SSL traffic, as well as traffic using TLS 1.3 or HTTP/2. In-depth visibility of TLS traffic (amount of encrypted traffic, TLS/SSL versions, cipher suites, etc.) without decryption. Reduce risk by controlling the use of older TLS protocol versions, insecure cipher suites and misconfigured certificates. Simple deployment of decryption and use of integrated logs to resolve problems (e.g. certificates pinned to applications). Flexibly enable or disable decryption based on multiple criteria (URL category, source and destination zone, address, user, user group, device, port, etc.) for privacy and regulatory compliance. Possibility of creating a copy of decrypted traffic from the firewall (in other words, mirroring the decryption) and sending it to traffic collection tools for forensic analysis, historical retention or data loss prevention (DLP). Intelligent forwarding of all traffic (encrypted TLS, unencrypted TLS and non-TLS) to third-party security tools using Network Packet Broker functionality to optimize network performance and reduce operating expenses.

Maximize security investments and avoid disruption with AIOps

Recommendations tailored to each deployment strategy to reinforce the company's security posture and maximize security investments with AIOps for NGFW. Intelligent prediction of firewall health, performance and capacity issues based on ML tools powered by advanced telemetry data. Actionable information to help resolve anticipated disruptions.

Enable SD-WAN functionality

Easy adoption of SD-WAN by simple activation in your existing firewalls. SD-WAN natively integrated with security solution for secure deployment. Reduced latency, jitter and packet loss for exceptional user experiences.

Unique approach to packet processing via single-pass architecture

All threat- and content-related functions (network analysis, policy verification, application analysis and decryption, signature matching, etc.) are performed in a single pass. The result is a considerable reduction in the processor power required to run multiple functions on the same security appliance. Flow-based signature matching to analyze all signature traffic in a single pass, avoiding latency. Consistent, predictable performance when security services are activated.