Note

šŸ‘‰ šŸ‘‰ ⭐ For Sponsored/Guest Articles, please email us on šŸ“§ networks.baseline@gmail.com ⭐

NGFW: Introduction to Palo Alto PA-1400 Series

Next Generation Firewalls
Introduction to Palo Alto PA-1400 Series 

The data centers and dispersed enterprise branches that the Palo Alto Networks PA-1400 Series Next-Generation firewalls are intended for. The firewalls in this series are the PA-1410 and PA-1420. The Palo Alto PA-1400 series (PA-1410 and PA-1420) is the first machine learning-powered Next-Gen firewall family.

To assist you in fulfilling your deployment objectives, these models offer flexibility in performance and redundancy. Power Over Ethernet (PoE) capabilities, power redundancy, and Multi-Gig ports are a few of its characteristics. 

The Palo Alto PA-1400 Series offers cutting-edge security capabilities to assist you in securing your business through enhanced application, user, and content visibility and management.

Palo Alto PA-1400 Series
Fig 1.1- Palo Alto PA-1400 First Look

The firewalls Palo Alto PA-1410 and PA-1420 are powered by ML. In order to enable inline signatureless attack prevention for file-based assaults, machine learning is integrated into the firewall's basic functionality.

At the same time, they spot and block phishing efforts that have never been seen before. Additionally, it uses cloud-based ML techniques to provide zero-delay instructions and signatures back to the NGFW. Additionally, behavioral analysis is used by the 
Palo Alto PA-1400 series to identify IoT devices and propose policies.


Regardless of port, protocol, evasive measures, or encryption (TLS/SSL), anything. With a SaaS Security subscription, it automatically detects and manages new apps to stay up with the SaaS expansion.

Additionally, the Palo Alto PA-1400 series stops harmful behaviour that is concealed in encrypted communications. It accomplishes this by looking over and enforcing rules on all inbound and outgoing TLS/SSL-encrypted communication.

This applies to HTTP/2 and TLS 1.3 traffic as well. Without decrypting, it provides comprehensive insight into TLS communication, including the volume of encrypted traffic, TLS/SSL versions, cypher suites, and more. Throughput of the Palo Alto PA-1400 Series NGFW as stated below

PA-1410
Up to 8.9 Gbps of total firewall throughput, 3.3 Gbps of threat prevention throughput, and 4.6 Gbps of IPsec VPN throughput may be pushed by the Palo Alto PA-1410. With a maximum of 945,000 sessions, it can supply 100,000 new sessions each second.

PA-1420
Up to 9.9 Gbps of total firewall throughput, 5.2 Gbps of threat prevention throughput, and 6.9 Gbps of IPsec VPN throughput are all provided by the Palo Alto PA-1420. It can handle 1.4 million sessions at most and 140,000 new sessions per second.

Establish a Connection to the Firewall

The PA-1400 Series firewall boots into Zero Touch Provisioning (ZTP) mode by default on initial boot. ZTP mode enables you to automate the setup of a new firewall on a Panorama management server.

Step 1: Connect the device to the relevant port using an RJ-45 Ethernet wire. The port(s) linked will be determined by the mode in which you want the firewall to operate. Generally there are two modes Standard mode and ZTP. You can enable any of the mode you want. We will talk about the Standard mode

Step 2: You will need access to the firewall CLI to react to a prompt during bootup if you plan to start the firewall in normal mode. Connect the PA-1400 Series firewall's console wire to your PC. After turning on the firewall, use a terminal emulator such as Putty to access the CLI.

Step 3: Watch for the following CLI prompt when the firewall starts using your terminal emulator.
Do you want to exit ZTP mode and configure your firewall in standard mode (yes/no)[no]? YES

Note: If using standard mode, configure the firewall manually. When utilizing ZTP mode, the ZTP service will automatically push the device group and template settings set up on the Panorama management server to the firewall.

Step 4: Open a browser and navigate to https://192.168.1.1. Use the default credentials (admin/admin) to access the web interface when requested.

Now the connection is setup as you already login to the Palo Alto Firewall PA-1400 Series.

No comments