Palo Alto Next-Generation Firewall PA 1420
Earn 4,295 points when you buy me!
Earn 4,295 points when you buy me!
The Palo Alto Networks PA-1420 Firewall Appliance is a high-performance firewall designed for medium to large businesses. It provides improved security and connectivity for your network. The PA-1420 is part of the PA-1400 Series ML-Powered Next-Generation Firewalls, which also includes the PA-1410 model.
These firewalls offer advanced features and capabilities to protect your network from cyber threats. With the PA-1420, you can ensure the safety of your data and prevent unauthorized access to your network. It is equipped with state-of-the-art technology and intelligent security measures to detect and mitigate potential risks.
The PA-1420 firewall appliance is designed to deliver high-performance firewall protection, enabling you to handle the increasing demands of your network traffic. It offers robust security features such as intrusion prevention, application control, and URL filtering, allowing you to have granular control over network traffic and applications.
In addition to its security features, the PA-1420 firewall appliance also provides secure connectivity for your network. It supports various VPN protocols, including IPsec and SSL VPN, allowing remote users to securely access your network resources. This ensures that your employees can work remotely without compromising the security of your network.
Furthermore, the PA-1420 firewall appliance is easy to manage and configure. It comes with a user-friendly interface that allows you to monitor and control your network traffic effectively. You can also integrate it with other security solutions and management platforms to streamline your network security operations.
ML-Powered Next-Generation Firewall
Embeds machine learning (ML) in the core of the firewall to provide inline signatureless attack
prevention for file-based attacks while identifying and immediately stopping never-before-seen
phishing attempts.
Leverages cloud-based ML processes to push zero-delay signatures and instructions back to the NGFW.
Uses behavioral analysis to detect internet of things (IoT) devices and make policy recommendations; cloud-delivered and natively integrated service on the NGFW.
Automates policy recommendations that save time and reduce the chance of human error.
Offers Centralized Management and Visibility
Benefits from centralized management, configuration, and visibility for multiple distributed
Palo Alto Networks NGFWs (irrespective of location or scale) through Panorama network security
management, in one unified user interface.
Streamlines configuration sharing through Panorama with templates and device groups, and scales
log collection as logging needs increase.
Enables users, through the Application Command Center (ACC), to obtain deep visibility and
comprehensive insights into network traffic and threats.
Firewall Throughput (HTTP/appmix) | 9.5 Gbps |
Threat Prevention Throughput (HTTP/appmix) | 5.8 Gbps |
IPsec VPN Throughput | 5.6 Gbps |
Max Concurrent Sessions | 1.4M |
New Sessions per Second | 140,000 |
Virtual Systems (Base/Max) | 1\6 |
MFG Part Number | PAN-PA-1420 |
Interface Modes | L2, L3, tap, virtual wire (transparent mode) |
Routing | OSPFv2/v3 with graceful restart, BGP with graceful restart, RIP, static routing Policy-based forwarding Point-to-Point Protocol over Ethernet (PPPoE) Multicast: PIM-SM, PIM-SSM, IGMP v1, v2, and v3 |
SD-WAN | Path quality measurement (jitter, packet loss, latency) Initial path selection (PBF) Dynamic path change |
IPv6 | L2, L3, tap, virtual wire (transparent mode) Features: App-ID, User-ID, Content-ID, WildFire, and SSL decryption SLAAC |
IPsec and SSL VPN | Key exchange: manual key, IKEv1, and IKEv2 (pre-shared key, certificate-based authentication) Encryption: 3des, AES (128-bit, 192-bit, 256-bit) Authentication: MD5, SHA-1, SHA-256, SHA-384, SHA-512 GlobalProtect Large Scale VPN for simplified configuration and management* Secure access over IPsec and SSL VPN tunnels using GlobalProtect gateway and portals |
VLANs | 802.1Q VLAN tags per device/per interface: 4,094/4,094 Aggregate interfaces (802.3ad), LACP |
Network Address Translation | NAT modes (IPv4): static IP, Dynamic IP, Dynamic IP and Port (port address translation) NAT64, NPTv6 Additional NAT features: Dynamic IP reservation, tunable Dynamic IP and Port oversubscription |
High Availability | Modes: active/active, active/passive Failure detection: path monitoring, interface monitoring |
Power Consumption (Avg/Max)* | 260 W/300Â |
Mean Time Before Failure (MTBF) | 24 Years |
Input Voltage (Input Frequency) | 100–240 VAC (50–60 Hz) |
Rack Mount Dimensions | PA-1410, PA-1420: 1U, 19" standard rack (1.70" H x 14.15" D x 17.15" W) |
Weight (Standalone Device/As Shipped) | PA-1410, PA-1420: 15.5 lbs |
Safety | cTUVus, CB |
EMI | FCC Class A, CE Class A, VCCI Class A |
Environment | Operating temperature: 0°C to 40°C at 10,000 feet Nonoperating temperature: -4°F to 158°F; -20°C to 70°C |
Airflow | Front to back |
Our latest release continues the tradition of delivering integrated innovations. New features will help you extend security into branch offices, apply security dynamically to users, and provide better visibility for mobile users connecting to your network.
Natively integrated connectivity and security on a single intuitive interface.
Automated security actions that adapt to changing business needs.
Full visibility with comprehensive logging and reports to simplify troubleshooting.
With industry-leading security natively integrated into our SD-WAN solution, you get all the security features from our Next-Generation Firewalls – powered by PAN-OS® 9.1 – together with Zero Touch Provisioning (ZTP) and the SD-WAN functionality from a single vendor.
Consume our secure Prismaâ„¢ Access SD-WAN hub as a service, or build the hub and interconnect infrastructure yourself using our Next-Generation Firewalls.
Regardless of the deployment model, this tight integration allows you to manage security and SD-WAN on a single intuitive interface.
User access policies based on static directory information are simply not enough in today’s dynamic environment.
Network and security teams are tasked with providing correct access to users. But creating ad hoc rules to provide time-bound access to workers – and then ensuring these rules are removed once the business need is over – is manual, time-consuming and poses a security risk if the rules become over-provisioned.
In addition, the inability to dynamically change a user's access based on information about their behavior results in tedious operations and increased security risks.
• Automatically include users as members without manually creating and committing policy or group changes.
• Still maintain user-to-data correlation at the device level before the firewall even scans the traffic.
• Configure and manage a single security policy to auto-remediate anomalous behavior and malicious activity while maintaining user visibility.
PAN-OS 9.1 provides greater visibility, rapid troubleshooting, and enhanced logging enhancements to help you monitor and rectify connection failures with your GlobalProtectâ„¢ deployments.
The logging enhancements are available for any Palo Alto Networks Next-Generation Firewall deployed as a GlobalProtect gateway or portal or in a Prisma Access mobile user deployment.
• Throughput is measured with App-ID and logging enabled, with 64 KB HTTP/appmix transactions.
• Disable Server Response Inspection (DSRI) throughput is measured with App-ID, IPS, antivirus, anti-spyware, WildFire, file blocking, and logging enabled, utilizing 64 KB HTTP transactions.
• Threat Prevention throughput measured with App-ID, IPS, antivirus, anti-spyware, WildFire, and logging enabled, utilizing 64 KB HTTP/appmix transactions.
• IPsec VPN throughput is measured with 64 KB HTTP transactions and logging enabled.
• New sessions per second is measured with application override, utilizing 1 byte HTTP transactions.
• Adding virtual systems to the base quantity requires a separately purchased license.