|
The Palo Alto Networks PA-2000 Series is comprised of two high performance platforms, the PA-2020 and the PA-2050, both of which are targeted at high speed Internet gateway deployments. The PA-2000 Series manages network traffic flows using dedicated processing and memory for networking, security, threat prevention and management.
A high speed backplane smoothes the pathway between dedicated processors, and the separation of data and control plane ensures that management access is always available, irrespective of the traffic load. Interface density for the PA-2020 and the PA-2050 is unmatched with up to 20 traffic interfaces and dedicated out-of-band management interfaces.
The controlling element of the PA-2000 Series next-generation firewalls is PAN-OSTM, a security-specific operating system that tightly integrates three unique identification technologies: App-IDTM, User-ID and Content-ID, with key firewall, networking, VPN and management features.
PA-2020
- 500 Mbps firewall throughput
- 200 Mbps threat prevention throughput
- 200 Mbps IPSec VPN throughput
- 1,000 IPSec VPN tunnels and tunnel interfaces
- 15,000 new sessions per second
- 125,000 max sessions
- (12) 10/100/1000 + (2) SFP optical gigabit interfaces
- (1) 10/100/1000 out of band management interface
- (1) 1 RJ-45 console interface
PA-2020 Series Firewall
PA-2050
- 1 Gbps firewall throughput
- 500 Mbps threat prevention throughput
- 300 Mbps IPSec VPN throughput
- 2,000 IPSec VPN tunnels and tunnel interfaces
- 15,000 new sessions per second
- 250,000 max sessions
- (16) 10/100/1000 + (4) SFP optical gigabit interfaces
- (1) 10/100/1000 out of band management interface
- (1) 1 RJ-45 console interface
PA-2050 Series Firewall
Additional PA-2000 Series Specifications
| App -ID |
- Identifies and controls more than 800 applications
- SSL decryption via forward or reverse proxy
- Customize application properties
- Custom HTTP applications
|
| FIREWALL |
- Policy-based control by application,application category, subcategory,technology, risk factor or characterisitic
- Policy-based control by user, group or IP address
- Maximum number of policies: 2,500 (PA-2020), 5,000 (PA-2050)
- Reconnaissance scan protection
- Denial of Service (DoS) protection
- Fragmented packet protection
|
|
DATE FILTERING
|
- Detect and block social security numbers, credit card numbers, custom data patterns
- Block files by type
|
THREAT PREVENTION
(SUBSCRIPTION REQUIRED) |
- Block viruses, spyware, worms and vulnerability exploits
|
| IPSec VPN (Site -to -Site ) |
- Manual Key, IKE v1
- 3DES, AES (128-bit, 192-bit, 256-bit) encryption
- SHA1, MD5 authentication
|
| SSL VPN (REMOTE ACESS) |
- IPSec transport with SSL fall-back
- Enforce unique policies for SSL VPN traffic
- Enable/disable split tunneling to control client access
|
| NETWORKING |
- Tap mode, virtual wire, layer 2, layer 3, mixed L2/L3
- IPv6 application visibilty and control via Content-ID (Virtual wire mode only)
- IPv6 full content inspection via Content-ID (Virtual wire mode only)
- 802.1Q VLAN tagging (layer 2, layer 3)
- Network address translation (NAT)
- OSPF and RIPv2
- DHCP server/ DHCP relay (up to 3 servers)
- Virtual routers: 10
- Security zones: 20
- Virtual systems: 5 (optional license required)
|
URL FILTERING
(SUBSCRIPTION REQUIRED)
|
- 76-category on-box customizable database
- Customizable allow and block lists
- Customizable block pages
|
| QUALITY OF SERVICE (QOS) |
- Policy-based traffic shaping (guaranteed, maximum and priority) by application,user, source, destination, interface, IPSec VPN tunnel and more
- Per policy diffserv marking
|
| HIGH AVAILABILITY |
- Active/Passive
- Configuration and session synchronization
- Interface and IP tracking
- Link and path failure monitoring
|
| MANAGEMENT TOOLS |
- Integrated web interface
- Command line interface (CLI)
- Centralized management (Panorama)
- Role-based adminstration
- Shared policies (Panorama)
- Syslog & SNMPv2
- Customizable administrator login banner
- XML-based REST API
|
| HARDWARE SPECIFICATIONS |
| I/O |
- (16) 10/100/1000 + (4) SFP optical gigabit (PA-2050), (12) 10/100/1000 + (2) SFP optical gigabit (PA-2020)
|
| Management I/O |
- (1) 10/100/1000 out-of-band management port, (1) RJ-45 console port
|
| Power supply (Avg/max power consumption) |
|
| Input voltage (Input frequency) |
|
| Max input current |
|
| Rack mountable (Dimensions) |
- 1U, 19” standard rack (1.75”H x 17”D x 17”W)
|
| Safety |
|
| EMI |
- FCC Class A, CE Class A, VCCI Class A, TUV
|
| ENVIRONMENT |
| Operating temperature |
- 32° to 122° F, 0° to 50° C
|
| Non-operating temperature |
- -4° to 158° F, -20° to 70° C
|
| ORDERING INFORMATION |
Pa-2050 |
Pa-2020 |
| Platform |
PAN-PA-2050 |
PAN-PA-2020 |
| Annual threat prevention subscription |
PAN-PA-2050-TP |
PAN-PA-2020-TP |
| Annual URL filtering subscription |
PAN-PA-2050-URL2 |
PAN-PA-2020-URL2 |
| Virtual systems |
PAN-PA-2050-VSYS-5 |
PAN-PA-2020-VSYS-5 |
|
工研院(ITRI)資通所(ICL)「無線感測網路關鍵技術發展計畫」建構一個成果展示系統,可顯示感測器擺放位置、感測數據即時數據與歷史數據變化軌跡的Web介面系統,整合 Google Map 以及 數據統計圖 等元件技術。
建立系統有效率進行
提供用戶相關說明 (含申請光束線時間、實驗執行前/進行中/完成後所需辦理事項),協助用戶取得本中心提供用戶之服務。
