Palo Alto PA-220R

The Palo Alto PA-220R is a next-generation firewall appliance in a ruggedized form factor, providing rock-solid network security for severe environments, such as utility substations, power plants, manufacturing plants, oil and gas facilities, building management systems, and healthcare networks.

Palo Alto PA-220R Firewall


App-ID firewall throughput 500/560 Mbps
Threat prevention throughput 150/260 Mbps
IPSec VPN throughput 100 Mbps
New sessions per second 4.200
Max sessions 64.000
Virtual systems (base) 1

Hardware Specification

Interfaces supported4 8x 10/100/1000
Management I/O 10/100/1000 out-ofband management, RJ-45 console, USB, Micro USB console port
Rack mountable? 2.0” H x 8.66” D x 9.25” W
Power supply Dual redundant 40W
Redundant power supply? Yes (optional)
Disk drives 32GB EMMC
Hot swap fans No

Combines simplicity and unparalleled reliability


Classifies all applications, on all ports, all the time

The PA-220R identifies any application, regardless of port, encryption (SSL or SSH) or evasive technique employed, and uses the application – not the port – as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect and apply traffic-shaping. It also categorizes unidentified applications for policy control, threat forensics or custom App-ID development.

Enforces security policies for any user, at any location

Enforces security policies for any user, at any location

The PA-220R lets you deploy consistent policies to local and remote users running on Windows®, macOS®, Linux, Android® or Apple® iOS platforms. You get agentless integration with Microsoft® Active Directory® and Terminal Services, LDAP, Novell® eDirectory and Citrix®, and you can integrate your firewall policies easily with 802.1X wireless, proxies, network access control and other sources of user identity.

Prevents known and unknown threats

Prevents known and unknown threats

The PA-220R blocks a range of threats, including exploits, malware and spyware, across all ports, regardless of common threat-evasion tactics employed. It limits the unauthorized transfer of files and sensitive data to safely enable non-work-related web surfing. It also identifies unknown malware, analyzes it based on hundreds of malicious behaviors, and then automatically creates and delivers protection.

Read More >