Palo Alto features and specifications

Next-Generation Firewall	Supported by all models
Comprehensive visibility and granular control for thousands of applications; ability to create custom applications; ability to manage unknown traffic based on policy	✓
User identification and control: VPNs, WLAN controllers, captive portal, proxies, Active Directory, eDirectory, Exchange, Terminal Services, Syslog Parsing, XML API	✓
Granular TLS/SSL decryption and verification (inbound and outbound); including support for TLS 1.3 and HTTP/2 protocols	✓
Network functions: dynamic routing (RIP, OSPF, BGP, multiprotocol BGP), DHCP, DNS, NAT, route redistribution, ECMP, LLDP, tunnel content checking	✓
QoS: policy-based traffic shaping (priority, guaranteed, maximum) per application, per user, per tunnel, based on DSCP classification	✓
Virtual systems: logical, separately managed firewall instances within a single physical firewall, with traffic from each virtual system kept separate	✓
Zone-based network segmentation and zone protection; DoS protection against flooding with new sessions	✓
Threat Prevention (Subscription required)
Inline malware protection automatically enforced with daily updated, malware-based signatures	✓
Vulnerability-based protection against network- and application-level exploits and evasion techniques, including port scans, buffer overflows, packet fragmentation, and obfuscation tactics	✓
Prevent command-and-control (C2) activity that exfiltrates data or introduces secondary malware malware code; identify infected hosts through DNS sinkholing	✓
URL Filtering (Subscription required)
Automatic defense against web-based attacks - by automatically blocking links contained in phishing emails, phishing URLs, HTTP-based C2, and exploit kit-infested websites	✓
Ability to stop phishing for credentials	✓
Custom URL categories, alerts and notification pages	✓
IoT Security (Subscription required)
Accurate identification and classification of all devices on a network, including previously unknown devices	✓
Device security through ML-assisted anomaly detection, vulnerability assessment, risk-based policy recommendations, and enforcement with Device ID policy (Device-based policy enforcement not available on VM-50, VM-50 Lite, or CN-Series devices)	✓
No additional infrastructure required for activation on next-generation firewalls	✓
WildFire-Malwareprotection (Subscription required)
Detection of zero-day malware and exploits with multi-layered, complementary analysis techniques	✓
Automatic defense against most threats to networks, endpoints and clouds within seconds	✓
Community-based data to help protect, with over 30,000 participants	✓
AutoFocus Threat Intelligence (Subscription required)
Contextualization and classification of attacks, including malware family, attacker, and campaign, to accelerate assessment and response actions	✓
Comprehensive, globally correlated threat intelligence from WildFire	✓
Third-party threat intelligence for automated defenses	✓
DNS Security (Subscription required)
Automatically blocks tens of millions of malicious domains through real-time analysis and continuously updated threat data from around the world	✓
Machine learning-assisted analytics to quickly detect C2 activity or theft of data using DNS tunneling	✓
Automated dynamic processes to identify and rapidly isolate infected devices according to guidelines	✓
File and data filtering
Bi-directional control mechanisms to detect unauthorized transfer of certain file types, social security and credit card numbers, and data matching user-defined patterns	✓
Network security for endpoints through GlobalProtect (Subscription required)
Remote access VPN (SSL, IPsec, clientless); mobile threat prevention and policy enforcement based on apps, users, content, devices, and device state	✓
Data security for end devices of mobile users through application-specific configured VPN connections	✓
Panorama for network security management (Subscription required to manage multiple firewalls)
Intuitive policy control with applications, users, threats, advanced malware defenses, URLs, file types, and data patterns in a single policy	✓
Useful visibility into traffic and threats with Application Command Center (ACC); fully customizable reports	✓
Aggregated logging and event correlation	✓
Consistent, scalable management of up to 30,000 firewalls in hardware or from VM-Series, role-based access control, logical and hierarchical device groups, and templates	✓
GUI, CLI, XML-based REST-API	✓