Palo-Alto Firewalls Category II

In my previous article I wrote about the Category I firewalls with features, capabilities and other functions. You can go through the article again on the below mentioned links as

Palo-Alto Firewalls Category I firewalls

Now after Category I, Lets talk about the category II firewalls now. As i earlier divide the firewalls in the categories, so below are the Category II firewalls 

Catagory-II
PA-5060; PA-5050; PA-5020; PA-3060; PA-3050 and PA-3020 Systems.

We will have the discussion in the same features which I discussed in Category I firewalls and the features are 

  • Throughput of the firewalls
  • Threat Preventions capabilities
  • IPSEC VPN throughput
  • Max and New Sessions per seconds
  • Interface supported
  • Management I/O systems information
  • Rack mountable Information
  • Power supply information
  • Disk drives and hot swap fans information with full details.
Below is the table showing all the capabilities of the Category II firewalls. Please click on the image for more clarity.

Fig 1.1- Palo-Alto Firewalls Category II

Palo Alto Firewalls and Models- Category I

Today I am going to talk about the various models of Palo-Alto Firewalls with their features and the capabilities. They have major market hold in this segment and competing with the various competitors which includes Cisco, Checkpoint mainly. In this article I am going to cover various models of the Palo-Alto Firewalls.

Catagory-I
We have various models which includes Palo-Alto PA-7080 Systems; PA-7050 Systems; PA-5260; PA-5250; PA-5220 Systems.

Catagory-II
PA-5060; PA-5050; PA-5020; PA-3060; PA-3050 and PA-3020 Systems.

Catagory-III
Apart from the above mentioned models we have some small capable models as well which includes PA-850; PA-820; PA-500; PA-220 and PA-200 models of Firewall in the Palo-Alto portfolio.

Catagory-IV
In the Virtual Firewall appliances we have VM-50; VM-100/200; VM-300/VM-1000HV; VM-500 and VM-700 models. In this article I am going to talk about the Category I.

Below is the diagram showing the deployment of the Palo-Alto Firewalls with Arista Switches in the network.

Fig 1.1- Palo Alto Firewalls
Now Let's talk about the various models and the features they supports. I will talk Category II and Category III in another post.

Below is the comparison showing between the various models which i talk about in the Category1 Palo-Alto Firewalls. To view Continue reading

Liveblog: VMworld 2017 Day 2 Keynote

This is a liveblog of the day 2 keynote at VMworld 2017 in Las Vegas, NV. Unlike yesterday, I wasn’t accosted by the local facilities team trying to get a seat at a table in the bloggers/press/analyst area, so that’s an improvement over yesterday. While I’m aware of (most, if not all, of) the announcements that will be made today, I’m still looking forward to the keynote.

Promptly at 9am, Pat Gelsinger takes the stage to kick off the day 2 keynote. He quickly recaps yesterday’s announcements and activities, and then rapidly dives into day 2. First up is a “fireside chat” with Michael Dell.

Gelsinger brings Dell onto the stage and they dive into a number of questions submitted by folks.

  • Gelsinger fields the first question, which is regarding VMware support. He calls on customers to be sure to let VMware know if support, services, products, etc., don’t meet their expectations. Gelsinger refers back to Skyline, which was brushed off yesterday, as a key component of improving VMware’s support mechanisms.
  • Dell leads off the discussion on a question regarding quantum computing, artificial intelligence (AI) and machine learning (ML), and other forward-looking efforts. Naturally, he positions his company (Dell Continue reading

My Career Planning: A Ride-Along

About a year ago I shared with you (Thinking Out Loud: My Career Planning) a little about my yearly career planning process.  This time I’m going to bring you on a ride-along of this year’s annual Career Planning exercise.

First and foremost I must answer a common question that I was asked a lot after last year’s blog.

The Dream Job Question: 

“Why do you even bother with the yearly career planning process? You are always saying that CPOC is your dream job come true”

Yes. Without a doubt CPOC really is my absolute dream job come true!  I consider myself so truly fortunate, blessed and lucky to still be here with CPOC.  Rocking 16 1/2 years with CPOC and the CPOC family at Cisco!

So that all being said… why do I still review every year?  Like I mentioned in last year’s blog “over the years what I’ve seen is that my 1 year plan, 3 year plan, 5 year plan and 10 year plans have changed as I have changed.”  So then reviewing every year is just taking the time to “check in” that the job I’m in is not Continue reading

How I’ve Attempted to Blog More in 2017

This post has been sitting in the “drafts” folder for a while now. Clearly, since it's August and is therefore a little late to be deciding on a plan that is supposed to carry through all 12 months of 2017. Regardless, I think it's still worth sharing how I've attempted to increase the frequency of my blogging. My basic goal for 2017 is:

Create more content in 12 months than I ever have before in order to a) significantly build up the depth and breadth of knowledge on my blog, b) increase my skills as a writer, and c) continue to build this blog and the readership as a key part of my online persona and brand.

In order to achieve this goal, I've identified a couple of tactical objectives:

  1. Reduce the friction between me and the keyboard; make it possible to “just write”.
  2. Be able to “just write” anywhere. At home. On vacation. In a waiting room. On an airplane. I should also be able to start a post in one location and pick it up again in another. Indirectly this means I need to be able to write on any of my computers or mobile devices.

In order Continue reading

Introducing VMware AppDefense – Expanding beyond micro-segmentation to threat detection and response

Hopefully, you have heard the news today! We couldn’t be more excited to announce the general availability of VMware AppDefense, our new security solution. AppDefense bolsters the micro-segmentations threat prevention capabilities delivered by NSX with data center endpoint threat detection and response. It’s no secret that organizations are spending more money than ever on security. It’s also no surprise that the only thing outpacing security spend are the losses due to security breaches. At VMware, we believe the struggle organizations face in gaining the upper-hand in this battle is due to a foundational architectural gap that creates misalignment between the infrastructure where security is applied and the applications that security is designed to protect.

NSX was the first step toward re-aligning network security policy with applications by leveraging the virtualization layer to enable micro-segmentation, as well as enhance the posture of other security solutions through integrations and features like service insertion and guest introspection. But applications are made up of both networks and data center endpoints like VMs. AppDefense is the other half of the puzzle. Whereas NSX prevents threats from moving freely throughout the network, AppDefense detects anything that does make it to an endpoint and can automatically Continue reading

Google leaked prefixes – and knocked Japan off the Internet

Last Friday, 25 August, a routing incident caused large-scale internet disruption. It hit Japanese users the hardest, slowing or blocking access to websites and online services for dozens of Japanese companies.

What happened is that Google accidentally leaked BGP prefixes it learned from peering relationships, essentially becoming a transit provider instead of simply exchanging traffic between two networks and their customers. This also exposed some internal traffic engineering that caused many of these prefixes to get de-aggregated and therefore raised their probability of getting accepted elsewhere.

Andrei Robachevsky

Worth Reading: Dealing with IPv6 fragmentation in the DNS

It appears that rather than effecting a slight improvement from IPv4, the manner of fragmentation handling in IPv6 appears to be significantly worse than IPv4. Little wonder that there have been calls from time to time to completely dispense with packet fragmentation in IPv6, as the current situation with IPv6 appears to be worse than either no fragmentation or the IPv4-style of fragmentation. —Geoff Huston @ APNIC

The post Worth Reading: Dealing with IPv6 fragmentation in the DNS appeared first on rule 11 reader.

IDG Contributor Network: 5 myths about Z-wave technology debunked

As the IoT and industries related to it continue to expand at mind-boggling speeds, it’s only natural that myths and hear-say about IoT-related technologies grow as well. One of the greatest victims of scandalous rumors is Z-Wave technology, a critical aspect of the IoT that is often unfairly castigated by those who present false or misleading information.So just how secure is Z-Wave technology? What are the most persistent myths about it, and why do some people benefit from spreading them? Below, we’ll go over five common myths about Z-Wave tech, and explain just how wrong they are.Z-Wave is difficult to integrate into the IoT One of the most heinous hoaxes proliferating around the internet is that Z-Wave technology is difficult to integrate into the IoT, and presents serious challenges to IoT application and gadget developers. Nothing could be further from the truth, however. Some Z-Wave critics argue that its development kits are few and far-between, and challenging to both locate and utilize. The reality, however, is that a plethora of Z-Wave development kits are readily prepared to help IoT developers achieve their objectives easily.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 5 myths about Z-wave technology debunked

As the IoT and industries related to it continue to expand at mind-boggling speeds, it’s only natural that myths and hear-say about IoT-related technologies grow as well. One of the greatest victims of scandalous rumors is Z-Wave technology, a critical aspect of the IoT that is often unfairly castigated by those who present false or misleading information.So just how secure is Z-Wave technology? What are the most persistent myths about it, and why do some people benefit from spreading them? Below, we’ll go over five common myths about Z-Wave tech, and explain just how wrong they are.Z-Wave is difficult to integrate into the IoT One of the most heinous hoaxes proliferating around the internet is that Z-Wave technology is difficult to integrate into the IoT, and presents serious challenges to IoT application and gadget developers. Nothing could be further from the truth, however. Some Z-Wave critics argue that its development kits are few and far-between, and challenging to both locate and utilize. The reality, however, is that a plethora of Z-Wave development kits are readily prepared to help IoT developers achieve their objectives easily.To read this article in full or to leave a comment, please click here

History of computers, part 1 — The bulletin board system

One weird little quirk about being human is that we (as a group) tend to think things have been the way they currently are for a lot longer than they actually have been — and that they're not likely to change.Even the most hard and well-backed-up science tends to change with the proverbial wind. Example: Cholesterol ... good or bad? See? Things (and ideas) change. Fast. And often we don't think they've changed at all. Sometimes it's good to sit back and look at how things have already changed — to see how things might change in the future.Let's apply that to servers. Computers serving up bits of data to other computers. What did those look like 10 years ago? 20? 50? In this article series, let's look over each major era and type of servers, in no particular order — I'll be bouncing around a bit as I tell the story of "Computer Servers."To read this article in full or to leave a comment, please click here

History of computers, part 1 — The bulletin board system

One weird little quirk about being human is that we (as a group) tend to think things have been the way they currently are for a lot longer than they actually have been — and that they're not likely to change.Even the most hard and well-backed-up science tends to change with the proverbial wind. Example: Cholesterol ... good or bad? See? Things (and ideas) change. Fast. And often we don't think they've changed at all. Sometimes it's good to sit back and look at how things have already changed — to see how things might change in the future.Let's apply that to servers. Computers serving up bits of data to other computers. What did those look like 10 years ago? 20? 50? In this article series, let's look over each major era and type of servers, in no particular order — I'll be bouncing around a bit as I tell the story of "Computer Servers."To read this article in full or to leave a comment, please click here

IDG Contributor Network: Why microservices are the foundation to a digital future

There’s no doubt that digital transformation (DX) is revolutionizing the way we do business, and cloud computing serves as a key cog in the DX machine. Cloud’s elasticity can indeed help digital businesses communicate more rapidly and increase innovation. But to extract full value from the cloud, companies must make sure that they aren’t bringing the equivalent of a cutlass to a gun fight when it comes to migrating existing applications and accelerating software development.Here is what I mean: many businesses start their migration journeys by lifting and shifting existing on-premises applications into the cloud, making few to no changes to the application itself.  But running such the same old monolithic application architectures in the cloud means that your applications aren’t built to maximize cloud benefits. Just the opposite: They often present scalability issues, increase cost and require time-consuming application support. Ultimately, this will erode DX strategies, which depend on modernizing, rapidly iterating, and scaling applications.To read this article in full or to leave a comment, please click here

1 1,923 1,924 1,925 1,926 1,927 3,840