Palo Alto Next-Generation Firewall PA 7080

Palo Alto Next-Generation Firewall PA 7080

From
Special Price $182,582.55 Regular Price $199,999.99

Palo Alto Next-Generation Firewall PA 7080

MFG.PART: PAN-PA-7080

Earn 182,582 points when you buy me!

Hurry! Other 13 people are watching this product
SKU
Palo-Alto-Next-Generation-Firewall-PA-7080
Special Price $182,582.55 Regular Price $199,999.99
In stock
Free shipping Free shipping
could be yours in 1 - 5 days could be yours in 1 - 5 days
days hrs mins secs
Hurry! Other 13 people are watching this product

Palo Alto Networks PA-7080 Series Next-Generation Firewalls enable enterprise-scale organizations and service providers to deploy security in high-performance environments, such as large data centers and high-bandwidth network perimeters. Designed to handle growing throughput needs for application-, user-, and device-generated data, these systems offer amazing performance.

Details

Features

PA-7080 Series Performance and Capacities

Palo Alto Networks PA-7080 Series Next-Generation Firewalls enable enterprise-scale organizations and service providers to deploy security in high-performance environments, such as large data centers and high-bandwidth network perimeters. Designed to handle growing throughput needs for application-, user-, and device-generated data, these systems offer amazing performance, prevention capabilities to stop the most advanced cyberattacks, and high-throughput decryption to stop threats hiding under the veil of encryption. Built to maximize security-processing resource utilization and automatically scale as new computing power becomes available, the PA-7080 Series offers simplicity defined by a single-system approach to management and licensing.

PA-7080 Series Architecture

The PA-7080 Series is powered by a scalable architecture for the purpose of applying the appropriate type and volume of processing power to the key functional tasks of networking, security, and management. The PA-7080 Series chassis intelligently distributes processing demands across three subsystems, each with massive amounts of computing power and dedicated memory.

Network Processing Card

The Network Processing Card (NPC) is dedicated to executing all packet-processing tasks, including networking, traffic classification, and threat prevention. Each NPC has between 64 (first generation) and 144 (second generation) processing cores, all focused on protecting your network at up to 70 Gbps per NPC. Scaling the throughput to the maximum 700 Gbps on the PA-7080, or 420 Gbps on the PA-7050, is as easy as adding a new NPC and allowing the system to determine the best use of the new processing power. To address growing demand for higher-capacity 40 Gbps and 100 Gbps connectivity

Offers AI-Powered Unified Management and Operations with Strata Cloud
Manager
• Prevent network disruptions: Forecast deployment health and proactively identify capacity
bottlenecks up to seven days in advance with predictive analytics to proactively prevent operational disruptions.
• Strengthen security in real time: AI-powered analysis of policies and real-time compliance
checks against industry and Palo Alto Networks best practices.
• Enable simple and consistent network security management and ops: Manage configuration
and security policies across all form factors, including SASE, hardware and software firewalls, and all security services to ensure consistency and reduce operational overhead.

Enables SD-WAN Functionality
• Allows you to easily adopt SD-WAN by simply enabling it on your existing firewalls.
• Enables you to safely implement SD-WAN, which is natively integrated with our industry-leading
security.
• Delivers an exceptional end-user experience by minimizing latency, jitter, and packet loss.

Tech Specs

Tech specs

PA-7080 Performance and Capacities

Firewall throughput (HTTP/appmix) 590 Gbps
Threat Prevention throughput (HTTP/appmix) 305
Gbps
IPsec VPN throughput 310 Gbps
Max sessions 416M
New sessions per second 6M
Virtual systems (base/max) 25/225

Manufacturing Number

MFG Part Number PAN-PA-7080

PA-7080 Networking Features

Interface Modes L2, L3, tap, virtual wire (transparent mode)
Routing OSPFv2/v3 with graceful restart, BGP with graceful restart, RIP,static routing
Multicast: PIM-SM, PIM-SSM, IGMP v1, v2, and v3
Bidirectional Forwarding Detection (BFD)
SD-WAN Path quality measurement (jitter, packet loss, latency)
Initial path selection (PBF)
Dynamic path change
IPv6 L2, L3, tap, virtual wire (transparent mode)
Features: App-ID, User-ID, Content-ID, WildFire, and SSL Decryption
IPsec VPN Key exchange: manual key, IKEv1, and IKEv2 (pre-shared key,certificate-based authentication
Encryption: 3DES, AES (128-bit, 192-bit, 256-bit)
Authentication: MD5, SHA-1, SHA-256, SHA-384, SHA-512
GlobalProtect large-scale VPN (LSVPN) for simplified configuration and management
VLANs 802.1Q VLAN tags per device/per interface: 4,094/4,094
Aggregate interfaces (802.3ad), LACP
Network Address Translation NAT modes (IPv4): static IP, dynamic IP, dynamic IP and port (port address translation)
NAT64, NPTv6
Additional NAT features: dynamic IP reservation, tunable dynamic IP and port oversubscription
High Availability Modes: active/active, active/passive
Failure detection: path monitoring, interface monitoring

PA-7080 Hardware Specifications

NPC-100G (PA-7000-100G-NPC-A) (80) SFP/SFP+ (40) QSFP+/QSFP28
NPC-20G XM Option 1: (PA-7000-20GQXM-NPC) (20) QSFP+, (120) SFP+
NPC-20G XM Option 2: (PA-7000-20GXM-NPC) (120) 10/100/1000, (80) SFP, (40) SFP+
Management I/O (second generation) (2) SFP MGT, (2) SFP HA1, (2) HSCI HA2/HA3 QSFP+/QSFP28 (1) RJ45 serial console, (1) micro-USB serial console
Management I/O (first generation) (2) 10/100/1000, (2) QSFP+ high availability, (1) 10/100/1000 out-of-band management, (1) RJ45 console port
Storage capacity (second generation) (2) 240 GB SSD System Drive, RAID1
Storage options (first generation) (1) 80 GB SSD System Drive, (4) 1 TB default or (4) 2 TB optional HDD on Log Processing Card, RAID
AC input voltage (input Hz) 90–305 VAC (47–66 Hz)
AC power supply output 2500 W @ 240 VAC
1200 W @ 120 VAC
DC input voltage -36 to -75 VDC
DC power output 2500 W / power supply
Max current / power supply 12 ADC @ 240 VAC In
75 ADC @ >40 VDC In
Power supplies (base/max) 4/8
Max inrush current / power supply 30 AAC / 100 ADC peak
Mean time between failure (MTBF) Configuration dependent; contact your Palo Alto Networks
Max BTU/hr 20,132
Rack mount (dimensions) 19U, 19” standard rack (32.22” H x 19” W x 24.66” D)
Weight (stand-alone device/as shipped) 299.3 lbs. AC / 298.3 lbs. DC
Safety cTUVus, cCSAus, CB
EMI FCC Class A, CE Class A, VCCI Class A
Certifications NEBS Level 3

Environment

Operating temperature 32° to 122° F, 0° to 50° C
Non-operating temperature -4° to 158° F, -20° to 70° C
Models
OS Features

PAN-OS

What’s New

Our latest release continues the tradition of delivering integrated innovations. New features will help you extend security into branch offices, apply security dynamically to users, and provide better visibility for mobile users connecting to your network.

Integrated SD-WAN, dynamic user policy enforcement, enhanced visibility into mobile user activity

Secure SD-WAN

Natively integrated connectivity and security on a single intuitive interface.

Dynamic User Groups

Automated security actions that adapt to changing business needs.

GlobalProtect Enhancements

Full visibility with comprehensive logging and reports to simplify troubleshooting.

World-Class Security + High-Performance Connectivity

With industry-leading security natively integrated into our SD-WAN solution, you get all the security features from our Next-Generation Firewalls – powered by PAN-OS® 9.1 – together with Zero Touch Provisioning (ZTP) and the SD-WAN functionality from a single vendor.

Consume our secure Prisma™ Access SD-WAN hub as a service, or build the hub and interconnect infrastructure yourself using our Next-Generation Firewalls.

Regardless of the deployment model, this tight integration allows you to manage security and SD-WAN on a single intuitive interface.

Dynamic Security Actions with Automated Enforcements

User access policies based on static directory information are simply not enough in today’s dynamic environment.

Network and security teams are tasked with providing correct access to users. But creating ad hoc rules to provide time-bound access to workers – and then ensuring these rules are removed once the business need is over – is manual, time-consuming and poses a security risk if the rules become over-provisioned.

In addition, the inability to dynamically change a user's access based on information about their behavior results in tedious operations and increased security risks.

With PAN-OS 9.1, you can enable Dynamic User Groups (DUG) and reap these benefits:

• Automatically include users as members without manually creating and committing policy or group changes.
• Still maintain user-to-data correlation at the device level before the firewall even scans the traffic.
• Configure and manage a single security policy to auto-remediate anomalous behavior and malicious activity while maintaining user visibility.

Enhanced Visibility and Troubleshooting for GlobalProtect Deployments

PAN-OS 9.1 provides greater visibility, rapid troubleshooting, and enhanced logging enhancements to help you monitor and rectify connection failures with your GlobalProtect™ deployments.

The logging enhancements are available for any Palo Alto Networks Next-Generation Firewall deployed as a GlobalProtect gateway or portal or in a Prisma Access mobile user deployment.

• Throughput is measured with App-ID and logging enabled, with 64 KB HTTP/appmix transactions.
• Disable Server Response Inspection (DSRI) throughput is measured with App-ID, IPS, antivirus, anti-spyware, WildFire, file blocking, and logging enabled, utilizing 64 KB HTTP transactions.
• Threat Prevention throughput measured with App-ID, IPS, antivirus, anti-spyware, WildFire, and logging enabled, utilizing 64 KB HTTP/appmix transactions.
• IPsec VPN throughput is measured with 64 KB HTTP transactions and logging enabled.
• New sessions per second is measured with application override, utilizing 1 byte HTTP transactions.
• Adding virtual systems to the base quantity requires a separately purchased license.

^Top