Network technologies and trends

Sep 1 2015   5:07AM GMT

What is Single Pass Parallel Processing (SP3) Architecture?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

Application firewalls
Palo Alto Networks

When it comes to Next Generation firewalls, it’s quite common to see most of the Next Generation firewalls does serial processing, of various policies applied in that particular NG Firewall, which in turn delays the processing of various policies like firewall policy, URL Filtering, IPS, AV, etc. or consumes all the available Firewall hardware resources like CPU consumption, or memory utilization.

However Palo Alto Next Generation firewall takes an approach of Single Pass Parallel Processing (SP3) engine.

Single Pass

With the help of Single Pass Parallel Processing approach, Palo Alto Firewalls are in position to

  • Classify traffic with App-ID
  • Can do both user and group mapping
  • Perform content scanning like threats, URLs etc.
  • Can make use of One Policy to process various tasks
  • Can do Parallel Processing
  • Can provide separate Data and Control plane

One of the advantages I see with this kind approach is that, the traffic can be scanned as it crosses the Palo Alto firewall with minimum amount of buffering, which in turn can allow to enable the advance features like virus/ malware scanning without effecting the firewall performance.

1  Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • stamkeyboard
    Thanks sir....
    10 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: