The Palo Alto Networks firewall supports the following
— A simple VPN that connects a central site and a remote
site, or a hub and spoke VPN that connects a central site with multiple remote
sites. The firewall uses the Internet Protocol Security (IPSec) set of protocols
to set up a secure tunnel for the traffic between the two sites. See Site-to-Site VPN Overview.
Remote User-to-Site VPN
—A solution that uses the GlobalProtect agent to
allow a remote user to establish a secure connection through the firewall. This
solution uses SSL and IPSec to establish a secure connection between the user
and the site. Refer to the GlobalProtect Administrator’s Guide.
Large Scale VPN
— The Palo Alto Networks GlobalProtect Large Scale VPN
(LSVPN) provides a simplified mechanism to roll out a scalable hub and spoke VPN
with up to 1,024 satellite offices. The solution requires Palo Alto Networks
firewalls to be deployed at the hub and at every spoke. It uses certificates for
device authentication, SSL for securing communication between all components,
and IPSec to secure data. See Large Scale VPN (LSVPN).