Palo Alto Networks Enterprise Firewall PA-5220
The PA-5200 Series next-generation firewalls prevent threats, and safely enable applications, across a diverse set of high-performance use cases (e.g., Internet Gateway, Data Center, and Service Provider environments). The series includes the PA-5260, PA-5250, and PA-5220 which provide predictable performance with deep visibility into and control over all traffic, including encrypted traffic.

The PA-5200 Series enables you to secure your organization through advanced visibility and control of applications, users, and content at throughput speeds of up to 72 Gbps. Dedicated processing resources assigned to networking, security, signature matching, and management functions ensure predictable performance.


Palo Alto Networks PA-5220 with redundant AC power supplies



Virtual systems upgrade - Additional 10 virtual systems (10 to 20) for PA-5220



Palo Alto Networks PA-5220 with redundant DC power supplies

Palo Alto Networks Enterprise Firewall PA-5220
Key Security Features:
Classifies all applications, on all ports, all the time

.Identifies the application, regardless of port, encryption (SSL or SSH), or evasive technique employed
.Uses the application, not the port, as the basis for all of your safe enablement policy decisions: allow, deny, schedule, inspect and apply traffic-shaping
.Categorizes unidentified applications for policy control, threat forensics or App-ID™ application identification technology development

Enforces security policies for any user, at any location

.Deploys consistent policies to local and remote users running on the Windows®, Mac® OS X®, Linux®, Android™ or Apple® iOS platforms
.Enables agentless integration with Microsoft® Active Directory® and Terminal Services, LDAP, Novell® eDirectory™ and Citrix®
.Easily integrates your firewall policies with 802.1X wireless, proxies, NAC solutions, and any other source of user identity information
Prevents known and unknown threats

.Blocks a range of known threats, including exploits, malware and spyware, across all ports, regardless of common threat-evasion tactics employed
.Limits the unauthorized transfer of files and sensitive data, and safely enables non-work-related web surfing
.Identifies unknown malware, analyzes it based on hundreds of malicious behaviors, and then automatically creates and delivers protection

The controlling element of the PA-5200 Series is PAN-OS®, security operating system, which that natively classifies all traffic, inclusive of applications, threats and content, and then ties that traffic to the user, regardless of location or device type. The application, content and user – in other words, the business elements that run your business – are then used as the basis of your security policies, resulting in an improved security posture and a reduction in incident response time.


Performance and Capacities1








Firewall throughput2 (App-ID enabled)

72.2 Gbps 35.9 Gbps 18.5 Gbps


Threat prevention throughput3

30 Gbps 20.3 Gbps 9.2 Gbps


IPsec VPN throughput

21 Gbps 14 Gbps 5 Gbps


Max sessions

32,000,000 8,000,000 4,000,000


New sessions per second4

458,000 348,000 169,000


Virtual systems (base/max5)

25/225 25/125 10/20
Contact Us
Mail Us