Highlights of the new hardware and virtual firewalls include:
- New PA-5200 Series: This new series includes three devices: the PA-5260, PA-5250 and PA-5220. This new advanced architecture delivers 72 Gbps App-ID and 30 Gbps Threat Prevention performance, up to 32M sessions, 3.2M SSL-decrypt session capacity and 6.5 Gbps SSL-decrypt throughput on the PA-5260 model. Higher 10G port density and 40G and 100G interface supports diverse deployments. These models deliver security for high throughput environments within a compact form factor, making them ideal for data center consolidation, increased gateway demands, and inspecting encrypted traffic.
- New PA-800 Series: The new PA-800 series includes two devices: the PA-850 and PA-820. This new architecture delivers 1.9 Gbps App-ID and 780 Mbps Threat Prevention performance on the PA-850. A high-performance management plane leverages multiple CPU cores and 8GB memory. The PA-850 features redundant power for additional hardware resiliency. These models are ideal for medium-sized networks, and branch and remote office environments.
- New PA-220 delivers full PAN-OS capabilities in a small desktop footprint with increased port density. The PA-220 features built-in resiliency via dual power adapters and complete high availability support for active/active and active/passive clusters. Passive and silent cooling eliminates noise and increases reliability. The small footprint makes these models ideal for small branch offices and remote locations.
- Three new VM-Series virtual firewall models: These new models deliver industry-leading cloud security performance options ranging from 200 Mbps up to an industry-leading 16 Gbps to deliver predictable performance in cloud deployments and address a variety of use cases, from virtualized branch office to data center and service provider deployments.
New VM-50 is optimized to consume minimal resources yet delivers 200 Mbps of App-ID performance for customer scenarios that range from virtual branch office/customer premise equipment (CPE) to high-density, multi-tenancy environments.
Faster VM-100, VM-200, VM-300 and VM-1000-HV have been optimized to deliver 2-4 times their previous performance with 2 Gbps and 4 Gbps of App-ID performance for hybrid cloud, segmentation and internet gateway use cases.
New VM-500 and VM-700 deliver an industry-leading 8 Gbps to 16 Gbps of App-ID performance, respectively, and can be deployed as NFV security components in fully virtualized data center and service provider environments.
Among the more than 70 new features introduced to the Next-Generation Security Platform as part of PAN-OS 8.0, feature highlights include:
- Stopping sandbox evasion techniques with a new 100 percent custom-built hypervisor and bare metal analysis environment for the WildFire™ service, designed to automatically identify and prevent the most evasive threats.
- Automated command-and-control signatures using a new and unique payload-based signature generation engine. This new approach delivers researcher-grade, payload-based signatures in a delivery mechanism that is automated end to end for faster time to prevention of adversary phone home attempts.
- Automated integration of threat intelligence delivered through the integration of the MineMeld application with the AutoFocus™ service, whereby security operations teams can easily ingest multiple data feeds, accelerate the digestion of all the threat intelligence, create customizable fields, and quickly automate remediation to the next-generation firewall, as well as alert SOC groups via third-party SIEM solutions or asset management products.
- Management features that provide administrators fast and accurate insight delivered by Panorama™ network security management and now include ingestion of Traps™ advanced endpoint protection logs, as well as additional firewall logs. This enriches correlation of indicators of compromise and automates actions to update the next-generation firewall with new automated actions to prevent adversary lateral movement and alert IT via third-party IT service management and security response systems, such as ServiceNow, lowering operational burden for security teams.
- Secure any cloud! AWS, Azure and more
- Secure SaaS (Office 365®, Box, Slack®) with visibility and enforcement
More info https://www.paloaltonetworks.com/products/new/new-panos8-0