|
The Palo Alto NetworksTM PA-500 is targeted at high speed Internet gateway deployments for enterprise branch offices and medium size businesses. The PA-500 manages network traffic flows using dedicated computing resources for networking, security, threat prevention and management.
A high speed backplane smoothes the pathway between processors and the separation of data and control plane ensures that management access is always available, irrespective of the traffic load. Interface density for the PA-500 includes (8) 10/100/1000 traffic interfaces and a dedicated out-of-band management interface.
The controlling element of the PA-500 next-generation firewalls is PAN-OSTM, a security-specific operating system that tightly integrates three unique identification technologies: App-IDTM, User-ID and Content-ID, with key firewall, networking and management features.
- 250 Mbps firewall throughput
- 100 Mbps threat prevention throughput
- 50 Mbps IPSec VPN throughput
- 250 IPSec VPN tunnels and tunnel interfaces
- 7,500 new sessions per second
- 64,000 max sessions
- (8) 10/100/1000
- (1) 10/100/1000 out of band management interface
- (1) 1 RJ-45 console interface
For a complete description of the PA-500 next-generation firewall feature set,please visit www.paloaltonetworks.com/literature.
PA-500 Specifications
| App -ID |
- Identifies and controls more than 800 applications
- SSL decryption via forward or reverse proxy
- Customize application properties
- Custom HTTP applications
|
| FIREWALL |
- Policy-based control by application,application category, subcategory,technology, risk factor or characterisitic
- Policy-based control by user, group or IP address
- Maximum number of policies: 2,500 (PA-2020), 5,000 (PA-2050)
- Reconnaissance scan protection
- Denial of Service (DoS) protection
- Fragmented packet protection
|
|
DATE FILTERING
|
- Detect and block social security numbers, credit card numbers, custom data patterns
- Block files by type
|
THREAT PREVENTION
(SUBSCRIPTION REQUIRED) |
- Block viruses, spyware, worms and vulnerability exploits
|
| IPSec VPN (Site -to -Site ) |
- Manual Key, IKE v1
- 3DES, AES (128-bit, 192-bit, 256-bit) encryption
- SHA1, MD5 authentication
|
| SSL VPN (REMOTE ACESS) |
- IPSec transport with SSL fall-back
- Enforce unique policies for SSL VPN traffic
- Enable/disable split tunneling to control client access
|
| NETWORKING |
- Tap mode, virtual wire, layer 2, layer 3, mixed L2/L3
- IPv6 application visibilty and control via Content-ID (Virtual wire mode only)
- IPv6 full content inspection via Content-ID (Virtual wire mode only)
- 802.1Q VLAN tagging (layer 2, layer 3)
- Network address translation (NAT)
- OSPF and RIPv2
- DHCP server/ DHCP relay (up to 3 servers)
- Virtual routers: 2
- Security zones: 20
|
URL FILTERING
(SUBSCRIPTION REQUIRED)
|
- 76-category on-box customizable database
- Customizable allow and block lists
- Customizable block pages
|
| QUALITY OF SERVICE (QOS) |
- Policy-based traffic shaping (guaranteed, maximum and priority) by application,user, source, destination, interface, IPSec VPN tunnel and more
- Per policy diffserv marking
|
| HIGH AVAILABILITY |
- Active/Passive
- Configuration and session synchronization
- Interface and IP tracking
- Link and path failure monitoring
|
| MANAGEMENT TOOLS |
- Integrated web interface
- Command line interface (CLI)
- Centralized management (Panorama)
- Role-based adminstration
- Shared policies (Panorama)
- Syslog & SNMPv2
- Customizable administrator login banner
- XML-based REST API
|
| HARDWARE SPECIFICATIONS |
| I/O |
|
| Management I/O |
- (1) 10/100/1000 out-of-band management port, (1) RJ-45 console port
|
| Power supply (Avg/max power consumption) |
|
| Input voltage (Input frequency) |
|
| Max input current |
|
| Rack mountable (Dimensions) |
- 1U, 19” standard rack (1.75”H x 10”D x 17”W)
|
| Safety |
|
| EMI |
- FCC Class A, CE Class A, VCCI Class A, TUV
|
| ENVIRONMENT |
| Operating temperature |
- 32° to 122° F, 0° to 50° C
|
| Non-operating temperature |
- -4° to 158° F, -20° to 70° C
|
| ORDERING INFORMATION |
PA-500 |
| Platform |
|
| Annual threat prevention subscription |
|
| Annual URL filtering subscription |
|
|
工研院(ITRI)資通所(ICL)「無線感測網路關鍵技術發展計畫」建構一個成果展示系統,可顯示感測器擺放位置、感測數據即時數據與歷史數據變化軌跡的Web介面系統,整合 Google Map 以及 數據統計圖 等元件技術。
建立系統有效率進行
提供用戶相關說明 (含申請光束線時間、實驗執行前/進行中/完成後所需辦理事項),協助用戶取得本中心提供用戶之服務。
