Network security firm Palo Alto Networks unveiled its latest and most powerful next-generation firewall on Tuesday, described by the company as a powerful and scalable device suited for operation in service provider, large enterprise, and Internet gateway environments.
The top of the line PA-7080 next-generation firewall is a mini-fridge sized appliance that can deliver up to 200Gbps of throughput and 100Gbps with all security capabilities enabled, the company said.
The modular device is built on an architecture that blends software with nearly 700 function-specific processors for networking, security, content inspection, and management, the company said.
Scaling throughput and capacity to the maximum 200 Gbps on the PA-7080 is done by adding a new Network Processing Card (NPC) and allowing the system to determine the best use of the newly added processing power.
The network security firm explains that the PA-7000 Series chassis distributes computational processing of networking, security, threat prevention and management across three subsystems:
Network Processing Cards (NPCs) – Dedicated to executing all security-related tasks including networking, traffic classification and threat prevention, each NPC has up to 67 processing cores and support 20 Gbps per NPC.
Switch Management Card (SMC) – Acting as the control center of the PA-7000 Series, the SMC oversees all traffic, and executes all management functions, using a combination of three elements: the First Packet Processor, a high-speed backplane, and the management subsystem.
Log Processing Card (LPC) – The LPC is a dedicated subsystem designed to manage the high volume of logs generated by the PA-7000 Series. The LPC is unique to the PA-7000 Series and uses two high-speed, multicore processors and 2 TB of RAID 1 storage to offload logging-related activities without impacting the processing required for other management or traffic processing-related tasks.
As performance and capacity are needed, the PA-7000 Series devices automatically scale by allocating new computing resources as they become available when new processing cards are added.
“The PA-7080 architecture provides a prevention capability that scales not just speeds and feeds, but in the ability to control applications, to identify threats and deliver real time automated response,” said Jonathan Lewis, Solutions Marketing Manager at Palo Alto Networks.
The PA-7080 is NEBS compliant, has front-to-back cooling, and AC/DC power supply options as standard features.
All PA-7000 series devices, including the previously launched PA-7050, support virtual wire, L2 and L3 networking, high availability modes combined with simplified management, simplified licensing, and intelligent traffic management.
The Palo Alto Networks PA-7080 is available immediately, with pricing starting at $300,000 for a base hardware configuration that supports throughput of 20 Gbps. Up to 10 NPCs, priced at $150,000 each, can be added to the chassis, allowing the network security device to scale to 200Gbps. All totaled, a fully loaded PA-7080 will cost $1.65 million without subscriptions.
