Palo Alto Networks® offers a full line of next-generation security appliances that range from the PA-200 firewall, designed for enterprise remote offices, to a PA-7000 Series firewall, which is a modular chassis designed for high-speed data centers. The firewall allows you to specify security policies based on accurate identification of each application that will traverse your network. Unlike traditional firewalls that identify applications only by protocol and port number, the Palo Alto Networks next-generation firewall uses packet inspection and a library of application signatures to distinguish between applications that have the same protocol and port and to identify potentially malicious applications that use nonstandard ports.
To safely enable the use of applications, maintain complete visibility and control, and protect the organization from the latest cyber threat, you can define security policies for specific applications or application groups rather than use a single policy for all port 80 connections. For each identified application, you can specify a security policy to block or allow traffic based on the source and destination zones and addresses (IPv4 and IPv6). Each security policy can also specify security profiles to protect against viruses, spyware, and other threats.