Network technologies and trends

Sep 3 2015   5:43AM GMT

Palo Alto Network Firewall Architecture – Know how

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

Tags:
firewall
IPsec
NAT
Palo Alto Networks
SSL

Palo Alto takes a good approach in designing the architecture for their next generation firewalls. Palo Alto offers processors dedicated to security function that work in parallel.

Palo Alto firewall contains separate Control Plane and Data Plane. By separating them Palo Alto is ensuring that each plane runs independently and they do have dedicated processors, memory and hard drives. Some of the high end firewall comes with 2 to 6 core CPU dedicated either in Data Plane or Control Plane. You can read the product specifications for more details.

Palo Alto FW Architecture

Control Plane is used for management of Palo Alto firewalls, and it provides configuration, logging reporting and route updates

Date Plane consists of three type of processor that are connected by high speed 1 Gbps busses are extensively used by Signature Processor, Security Processor and Network Processor

Security Matching Processor:  Performs vulnerability and virus detection.

Security Processor: Performs hardware acceleration and handle security tasks such as SSL decryption, IPsec decryption,

Network Processor: Performs routing, NAT, QOS, route lookup, MAC Lookup and network layer communications.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: