It’s no coincidence that Palo Alto Networks is considered to be a leader and pioneer when it comes to Next Generation Firewall appliances and Gartner seems to agree with this statement based on their Magic Quadrant report in the Next Generation Firewall Segment: The PA-5000 Series firewalls such as the PA-5020, PA-5050 & PA-5060 are very powerful and best suited for medium to large Enterprise Networks. This series of firewalls offers an impressive throughput (App-ID) between 5Gbps and 20Gbps. These are the most stable firewalls the industry has seen and it’s often recommended to have a PA-5060 firewall as a Data Centre Firewall for mid to large size data centres.
Application Usage, Visibility and Control: Users are accessing diverse types of apps, including SaaS apps, from varying devices and locations. Some of these apps are sanctioned, some tolerated and others unsanctioned. Security administrators want to have complete control over usage of these apps and set policy to either allow or control certain types of applications and deny others. An NGFW provides complete visibility into application usage, along with capabilities to understand and control their use. For example, understand usage of application functions, such as audio streaming, remote access, posting documents etc., and then enforce granular controls over usage, such as uploading and posting to Facebook, file sharing on Box and file transfer. Basically, the SP3 engine utilizes the same stream-based signature format to process the protection features like Anti-Virus, Spyware, Vulnerability Protection and Data Filtering. By doing so the firewall saves valuable processing power, unlike other Unified Threat Management (UTM) appliances which serially process each security feature offered, this often introduces latency to the network traffic. The PA-3000 series Palo Alto Firewalls like the PA-3020, PA-3050 & PA-3060 are good for Mid-Size Enterprise Networks and they offer a throughput (App-ID) between 2Gbps and 4Gbps based the on model selected. The PA-3060 is the only firewall that comes with 2 x 10Gbps SFP+ Interfaces, while the rest of the PA-3000 Series offer only 1Gig Interfaces, which are both copper and fiber. MOre info: field engineer