• Sign In
  • Create an Account
Toggle Nav
My Cart
Search
Advanced Search
  • Compare Products
Menu
Account

Palo Alto Networks Enterprise Firewall PA-850

$11,270.00
Available for Order
SKU
PAN-PA-850
Add to Wish List Add to Compare
Palo Alto Networks PA-850
main product photo

Overview:

The controlling element of the PA-800 Series ML-Powered Next-Generation Firewall (NGFW) is PAN-OS®, which natively classifies all traffic, inclusive of applications, threats, and content, and then ties that traffic to the user regardless of location or device type. The application, content, and user—in other words, the elements that run your business—then serve as the basis of your security policies, resulting in improved security posture and reduced incident response time.

Classifies all applications, on all ports, all the time
  • Identifies the application, regardless of port, encryption (SSL or SSH), or evasive technique employed
  • Uses the application, not the port, as the basis for all of your safe enablement policy decisions: allow, deny, schedule, inspect and apply traffic-shaping
  • Categorizes unidentified applications for policy control, threat forensics or App-ID™ application identification technology development
  • Provides full visibility into the details of all TLS-encrypted connections and stops threats hidden in encrypted traffic, including traffic that uses TLS 1.3 and HTTP/2 protocols.
Enforces security policies for any user, at any location
  • Deploys consistent policies to local and remote users running on the Windows, Mac OS X, Linux, Android or Apple iOS platforms
  • Enables agentless integration with Microsoft Active Directory and Terminal Services, LDAP, Novell eDirectory and Citrix
  • Easily integrates your firewall policies with 802.1X wireless, proxies, NAC solutions, and any other source of user identity information
Extends native protection across all attack vectors with cloud-delivered security subscriptions
  • Threat Prevention—inspects all traffic to automatically block known vulnerabilities, malware, vulnerability exploits, spyware, command and control (C2), and custom intrusion prevention system (IPS) signatures.
  • WildFire malware prevention—protects against unknown file-based threats, delivering automated prevention in seconds for most new threats across networks, endpoints, and clouds.
  • URL Filtering—prevents access to malicious sites and protects users against web-based threats.
  • DNS Security—detects and blocks known and unknown threats over DNS while predictive analytics disrupt attacks using DNS for C2 or data theft.
  • IoT Security—discovers all unmanaged devices in your network, identifies risks and vulnerabilities, and automates enforcement policies for your ML-Powered NGFW using a new Device-ID™ policy construct.

Enables SD-WAN functionality

  • Easily adopt SD-WAN by simply enabling it on your existing firewalls.
  • Enables you to safely implement SD-WAN, which is natively integrated with our industry-leading security.
  • Delivers an exceptional end user experience by minimizing latency, jitter, and packet loss.

Palo Alto Networks PA-800 Series next-generation firewall appliances, comprised of the PA-820 and PA-850, are designed to secure enterprise branch offices and midsized businesses.

The controlling element of the Palo Alto Networks PA-800 Series appliances is PAN-OS security operat- ing system, which natively classifies all traffic, inclusive of applications, threats and content, and then ties that traffic to the user, regardless of location or device type. The application, content and user – in other words, the business elements that run your business – are then used as the basis of your security policies, resulting in an improved security posture and a reduction in incident response time.

Performance and Capacities1

PA-850

PA-820

Firewall throughput (App-ID)2, 4

2.1/2.1 Gbps

1.8/1.6 Gbps

Threat prevention throughput3, 4

1.0/1.2 Gbps

850/900
Mbps

IPsec VPN throughput2, 4

  1.6 Gbps

1.3 Gbps

New sessions per second

 13,000

8,600

Max sessions

 192,000

128,000
  1. Performance and capacities are measured under ideal testing conditions.
  2. Firewall throughput measured with App-ID and User-ID features enabled utilizing 64K HTTP transactions
  3. Threat prevention throughput measured with App-ID, User-ID, IPS, AntiVirus and Anti-Spyware features enabled utilizing 64K HTTP transactions
  4. New sessions per second is measured with 4K HTTP transactions
  5. Adding virtual systems base quantity requires a separately purchased license

Networking Features:

PA-800 Series appliances support a wide range of networking features that enable you to more easily integrate our security features into your existing network.

Interface Modes
L2, L3, Tap, Virtual wire (transparent mode)
Routing
OSPFv2/v3 with graceful restart, BGP with graceful restart, RIP, Static routing
Policy-based forwarding
Point-to-Point Protocol over Ethernet (PPPoE)
Multicast: PIM-SM, PIM-SSM, IGMP v1, v2, and v3
SD-WAN
Path quality measurement (jitter, packet loss, latency)
Initial path selection (PBF)
Dynamic path change
IPv6
L2, L3, Tap, Virtual wire (transparent mode)
Features: App-ID, User-ID, Content-ID, WildFire and SSL decryption
SLAAC
IPsec VPN
Key exchange: Manual key, IKEv1 and IKEv2 (pre-shared key, certificate-based authentication)
Encryption: 3DES, AES (128-bit, 192-bit, 256-bit)
Authentication: MD5, SHA-1, SHA-256, SHA-384, SHA-512
VLANs
802.1q VLAN tags per device/per interface: 4,094/4,094
Aggregate interfaces (802.3ad), LACP
Network Address Translation (NAT)
NAT modes (IPv4): Static IP, dynamic IP, dynamic IP and port (port address translation)
NAT64, NPTv6
Additional NAT features: Dynamic IP reservation, tunable dynamic IP and port oversubscription
High Availability
Modes: Active/Active, Active/Passive
Failure detection: Path monitoring, interface monitoring
Zero Touch Provisioning (ZTP)
Available with -ZTP SKUs (PA-850-ZTP, PA-820-ZTP)
Requires Panorama 9.1.3 or higher

Technical Specifications:

I/O
  • 10/100/1000 (4), Gigabit SFP (8) or
  • 10/100/1000 (4), Gigabit SFP (4), 10 Gigabit SFP+ (4)
Management I/O
  • 10/100/1000 out-of-band management port (1)
  • 10/100/1000 high availability (2)
  • RJ-45 console port (1)
  • USB port (1)
  • Micro USB console port (1)
Storage Capacity
240GB SSD
Power Supply
AC 450 W power supplies (2); one is redundant
Power Consumption
Maximum: 240 W
Average: 64 W
Max BTU/hr
256
Input Voltage (Input frequency)
100-240VAC (50-60Hz)
Max Current Consumption
2.0 A @ 100 VAC, 1.0 A @ 240 VAC
Max Inrush Current
1.0 A @ 230 VAC, 1.84 A @ 120 VAC
Rack Mountable (Dimensions)
1U, 19” standard rack (1.75” H x 14.5” D x 17.125” W)
Weight (Stand-Alone Device/As Shipped)
13.5 lbs / 21.5 lbs
Safety
cCSAus, CB
EMI
FCC Class A, CE Class A, VCCI Class A
Certifications
See: https://www.paloaltonetworks.com/company/certifications.html
Environment
Operating temperature: 32° to 104° F, 0° to 40° C
Non-operating temperature: -4° to 158° F, -20° to 70° C
Airflow
Front to back

Documentation:

Download the Palo Alto Networks Firewall Overview Datasheet (PDF).

Download the Palo Alto Networks PA-800 Series Specification Datasheet (PDF).

More Information
Manufacturer PaloAlto Networks
Vendor SKU PAN-PA-850
Copyright © 2013-present addo.supply ltd. All rights reserved.