Archive for Palo Alto Technology

The Benefits of Palo Alto Networks Firewall Single Pass Parallel Processing (SP3) and Hardware Architecture

What makes Palo Alto Networks Next-Generation Firewall (NGFW) so different from its competitors is its Platform, Process and Architecture. Palo Alto Networks delivers all the next generation firewall features using the single platform, parallel processing and single management systems, unlike other vendors who use different modules or multiple management systems to offer NGFW features.

Palo Alto Networks Next-Generation Firewall’s main strength is its Single Pass Parallel Processing (SP3) Architecture, which comprises two key components:

  • Single Pass Software
  • Parallel Processing Hardware

 

Figure 1.   Palo Alto Networks Firewall Single Pass Parallel Processing Architecture

» Read more

Tap Mode, Virtual Wire, Layer 2 & Layer 3 Deployment modes

Our previous article explained how Palo Alto Firewalls make use of Security Zones to process and enforce security policies. This article will explain the different configuration options for physical Ethernet and logical interfaces available on the Palo Alto Firewall.

It’s easy to mix and match the interface types and deployment options in real world deployments and this seems to be the strongest selling point of Palo Alto Networks Next-Generation Firewalls. Network segmentation becomes easier due to the flexibility offered by a single pair of Palo Alto appliances.

Below is a list of the configuration options available for Ethernet (physical) interfaces:

  • Tap Mode
  • Virtual Wire
  • Layer 2
  • Layer 3
  • Aggregate Interfaces
  • HA

Following are the Logical interface options available:

  • VLAN
  • Loopback
  • Tunnel
  • Decrypt Mirror

The various interface types offered by Palo Alto Networks Next-Generation Firewalls provide flexible deployment options.

» Read more