The Palo Alto Networks PA-400 Series, comprising the PA-460, PA-410, PA-410, and PA-410, brings ML-Powered NGFW capabilities to distributed enterprise branch offices, retail locations, and midsize businesses. The world's first ML-Powered Next-Generation Firewall (NGFW) enables you to prevent unknown threats, see and secure everything—including the Internet of Things (IoT)—and reduce errors with automatic policy recommendations. The controlling element of the PA-400 Series is PAN-OS, the same software that runs all Palo Alto Networks NGFWs. PAN-OS natively classifies all traffic, including of applications, threats, and content, and then ties that traffic to the user regardless of location or device type. The application, content, and user—in other words, the elements that run your business—then serve as the basis of your security policies, resulting in improved security posture and reduced incident response times.
Part number | PAN-PA-440 |
Description | Palo Alto Networks PA-440, 3.0 Gbps firewall throughput, 0.9 Gbps threat prevention throughput |
Firewall throughput (HTTP/appmix) | 3.0/2.4 Gbps |
Threat Prevention throughput (HTTP/appmix) | 0.9/1.0 Gbps |
IPsec VPN throughput | 1.6 Gbps |
Max sessions | 200,000 |
New sessions per second | 39,000 |
Key Security and Connectivity Features
1.ML-Powered Next-Generation Firewall
Embeds machine learning (ML) in the core of the firewall to provide inline signatureless attack prevention for file- based attacks while identifying and immediately stopping never-before-seen phishing attempts.
2.Enables SD-WAN functionality
Delivers an exceptional end user experience by minimizing latency, jitter, and packet loss.
3.Delivers a unique approach to packet processing with Single-Pass Architecture
Avoids introducing latency by scanning traffic for all signatures in a single pass, using stream-based, uniform signature matching.
4.Prevents malicious activity concealed in encrypted traffic
Offers rich visibility into TLS traffic, such as the amount of encrypted traffic, TLS/SSL versions, cipher suites, and more, without decrypting.
5.Identifies and categorizes all applications, on all ports, all the time, with full Layer 7 inspection
Uses the application, not the port, as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect, and apply traffic-shaping.
6.Enforces security for users at any location, on any device, while adapting policy based on user activity
Prevents corporate credentials from leaking to third-party websites and prevents reuse of stolen credentials by enabling multi-factor authentication (MFA) at the network layer for any application without any application changes.