For VendorsBlog
Palo Alto Networks next-generation firewall (NGFW)

Add to comparison

Palo Alto Networks next-generation firewall (NGFW)

Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Our approach identifies all network traffic based on applications, users, content

Features of product

Проблемы Pain points
  • Malware infection via Internet, email, storage devices
  • No IT security guidelines
  • Risk of attacks by hackers
  • Risk of data loss or damage
  • Unauthorized access to corporate IT systems and data
Ценности Business Values
  • Ensure Security and Business Continuity
Матрица сравнения с конкурентами Matrix of comparison with competitors

About Product

Flexible deployment options and native integration with our next-generation platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud.

Superior architecture, superior benefits

Complete visibility and precise control: Our next-generation firewalls provide complete visibility into all network traffic based on applications, users, content and devices. Automated security: Innovative features reduce manual tasks and enhance your security posture, for example, by disseminating protections from previously unknown threats globally in near-real time, correlating a series of related threat events to indicate a likely attack on your network, and using dynamic address groups in security rules to avoid updating server IP addresses frequently. Protection for your users and data everywhere: Our next-generation firewalls are natively integrated with our security platform, which prevents advanced and unknown cyberthreats no matter where the users and data are located: in your network, on your endpoints and in the cloud.

Products: PA-5000 Series, PA-4000 Series, PA-3000 Series, PA-2000 Series, PA-500, PA-200, VM-Series, Management Platforms

Visibility and Control

Our next-generation firewall classifies all traffic, including encrypted traffic, based on application, application function, user and content. You can create comprehensive, precise security policies, resulting in safe enablement of applications. This lets only authorized users run sanctioned applications, greatly reducing the surface area of cyber attacks across the organization.

Threat Prevention

The combination of Content-IDTM and WildFireTM provides protection from known and unknown threats. Content-ID limits unauthorized data transfer and detects and blocks a wide range of threats. WildFire identifies unknown malware, zero-day exploits, and advanced persistent threats (APTs) through static and dynamic analysis in a scalable, virtual environment, and automatically disseminates updated protections globally in near-real time.

Built-in, not Bolted-on

Today’s security architectures are a result of adding uncoordinated security layers one at a time, making them ineffective in dealing with modern threats. Unlike legacy firewalls that are based on this "layered security" architecture, our next-generation firewalls use a unified security design that classifies all traffic into full context before applying one set of flexible security rules in a single pass.



Antivirus and antispyware functions
IDS/IPS availability

SSL VPN remote access;Application control;IPv4/IPv6 protocols;Hiding adresses with NAT;DHCP;Decrypting SSL traffic;IPSec Site to Site VPN tunnels;Stateful TCP/IP stack;URL filtering;Configuring static and dynamic routing

Bot protection
DDOS protection N/A
Data Leak Prevention
Network behavior analysis support
Sandboxing support
Context-aware policy
Application level attacks protection (Application Intelligence)

Features of users

Признаки применимости Company requirements
  • Internet access is available for employees