Palo Alto features and specifications

Next-Generation Firewall Supported by all models
Comprehensive visibility and granular control for thousands of applications; ability to create custom applications; ability to manage unknown traffic based on policy
User identification and control: VPNs, WLAN controllers, captive portal, proxies, Active Directory, eDirectory, Exchange, Terminal Services, Syslog Parsing, XML API
Granular TLS/SSL decryption and verification (inbound and outbound); including support for TLS 1.3 and HTTP/2 protocols
Network functions: dynamic routing (RIP, OSPF, BGP, multiprotocol BGP), DHCP, DNS, NAT, route redistribution, ECMP, LLDP, tunnel content checking
QoS: policy-based traffic shaping (priority, guaranteed, maximum) per application, per user, per tunnel, based on DSCP classification
Virtual systems: logical, separately managed firewall instances within a single physical firewall, with traffic from each virtual system kept separate
Zone-based network segmentation and zone protection; DoS protection against flooding with new sessions
Threat Prevention (Subscription required)
Inline malware protection automatically enforced with daily updated, malware-based signatures
Vulnerability-based protection against network- and application-level exploits and evasion techniques, including port scans, buffer overflows, packet fragmentation, and obfuscation tactics
Prevent command-and-control (C2) activity that exfiltrates data or introduces secondary malware malware code; identify infected hosts through DNS sinkholing
URL Filtering (Subscription required)
Automatic defense against web-based attacks - by automatically blocking links contained in phishing emails, phishing URLs, HTTP-based C2, and exploit kit-infested websites
Ability to stop phishing for credentials
Custom URL categories, alerts and notification pages
IoT Security (Subscription required)
Accurate identification and classification of all devices on a network, including previously unknown devices
Device security through ML-assisted anomaly detection, vulnerability assessment, risk-based policy recommendations, and enforcement with Device ID policy (Device-based policy enforcement not available on VM-50, VM-50 Lite, or CN-Series devices)
No additional infrastructure required for activation on next-generation firewalls
WildFire-Malwareprotection (Subscription required)
Detection of zero-day malware and exploits with multi-layered, complementary analysis techniques
Automatic defense against most threats to networks, endpoints and clouds within seconds
Community-based data to help protect, with over 30,000 participants
AutoFocus Threat Intelligence (Subscription required)
Contextualization and classification of attacks, including malware family, attacker, and campaign, to accelerate assessment and response actions
Comprehensive, globally correlated threat intelligence from WildFire
Third-party threat intelligence for automated defenses
DNS Security (Subscription required)
Automatically blocks tens of millions of malicious domains through real-time analysis and continuously updated threat data from around the world
Machine learning-assisted analytics to quickly detect C2 activity or theft of data using DNS tunneling
Automated dynamic processes to identify and rapidly isolate infected devices according to guidelines
File and data filtering
Bi-directional control mechanisms to detect unauthorized transfer of certain file types, social security and credit card numbers, and data matching user-defined patterns
Network security for endpoints through GlobalProtect (Subscription required)
Remote access VPN (SSL, IPsec, clientless); mobile threat prevention and policy enforcement based on apps, users, content, devices, and device state
Data security for end devices of mobile users through application-specific configured VPN connections
Panorama for network security management (Subscription required to manage multiple firewalls)
Intuitive policy control with applications, users, threats, advanced malware defenses, URLs, file types, and data patterns in a single policy
Useful visibility into traffic and threats with Application Command Center (ACC); fully customizable reports
Aggregated logging and event correlation
Consistent, scalable management of up to 30,000 firewalls in hardware or from VM-Series, role-based access control, logical and hierarchical device groups, and templates
GUI, CLI, XML-based REST-API