Wednesday, 14 June 2017

Palo Alto Datasheet - PA-820

PA-820

App-ID firewall throughput940 Mbps
Threat prevention throughput610 Mbps
Connections per second8,300
Max sessions (IPv4 or IPv6)130,000


Performance

App-ID firewall throughput940 Mbps
Threat prevention throughput610 Mbps
IPSec VPN throughput400 Mbps
Connections per second8,300

Sessions

Max sessions (IPv4 or IPv6)130,000

Policies

Security rules1,500
Security rule schedules256
NAT rules3,000
Decryption rules100
App override rules100
QoS rules100
Tunnel content inspection rules100
Policy based forwarding rules100
Captive portal rules100
DoS protection rules100

Security Zones

Max security zones30

Objects (addresses and services)

Address objects2,500
Address groups250
Members per address group2,500
Service objects1,000
Service groups250
Members per service group500
FQDN address objects2,000
Max IP addresses registered per system*1,000
Tags per IP address32

Security Profiles

Security profiles100

App-ID

Custom App-ID signatures6,000
Shared custom App-IDs512
Custom App-IDs (virtual system specific)6,416

User-ID

User-IP mappings (management plane)512,000
User-IP mappings (data plane)128,000
Active and unique groups used in policy1,000
Number of agents100
Monitored servers per agent100
Maximum terminal services agents400

SSL Decryption

Max SSL inbound certificates25
SSL certificate cache (forward proxy)128
Max concurrent decryption sessions12,800

URL Filtering

Total entries for allow list, block list and custom categories25,000
Max custom categories2,849
Max custom categories (virtual system specific)500
Dataplane cache size for URL filtering10,000
Management plane dynamic cache size1,000,000

Interfaces

Mgmt - out-of-band10/100/1000, RJ45/Micro USB console
Mgmt - 10/100/1000 high availability2
Mgmt - 40Gbps high availabilityNA
Traffic - 10/100/10004
Traffic - 100/1000/10000NA
Traffic - 1Gbps SFP8
Traffic - 10Gbps SFP+NA
Traffic - 10Gbps XFPNA
Traffic - 40Gbps QSFPNA
802.1q tags per device4,094
802.1q tags per physical interface4,094
Max interfaces (logical and physical)1,024
Maximum aggregate interfaces6

Virtual Routers

Virtual routers5

Virtual Wires

Virtual wires512

Virtual Systems

Base virtual systems1
Max virtual systems*NA

Routing

IPv4 forwarding table size*5,000
IPv6 forwarding table size*5,000
System total forwarding table size10,000
Max route maps per virtual router50
Max routing peers (protocol dependent)1,000
Static entries - DNS proxy1,024
Bidirectional Forwarding Detection (BFD) SessionsNA

L2 Forwarding

ARP table size per device3,000
IPv6 neighbor table size3,000
MAC table size per device3,000
Max ARP entries per broadcast domain3,000
Max MAC entries per broadcast domain3,000

NAT

Total NAT rule capacity3,000
Max NAT rules (static)*3,000
Max NAT rules (DIP)*3,000
Max NAT rules (DIPP)3,000
Max translated IPs (DIP)3,000
Max translated IPs (DIPP)*400
Default DIPP pool oversubscription*2

Address Assignment

DHCP servers5
Max number of assigned addresses64,000

High Availability

Devices supported2
Max virtual addresses48

QoS

Number of QoS policies250
Physical interfaces supporting QoS12
Clear text nodes per physical interface31
DSCP marking by policyYes
Subinterfaces supportedSystem Limit

IPSec VPN

Site to site2,000
Max IKE Peers1,000

GlobalProtect Client VPN

Max tunnels (SSL, IPSec, and IKE with XAUTH)1,000

GlobalProtect Clientless VPN

Max SSL tunnels250

Multicast

Replication (egress interfaces)200
Routes1,500

Product Notes

End-of-saleN
A
at

1 comment:

Nikhil Ghag said...

How much power consume in WATT by Paloalto PA-820 device.

12 February 2019 at 09:21

Post a Comment

Subscribe to: Post Comments (Atom)

PAN-OS Supported ciphers

Following is a list of supported ciphers for PAN-OS 7.1 and later: SSLv3 Ciphers Supported (No change from PAN-OS 7.0) Non-FIPS mod...