Palo Alto PA-820

Palo Alto PA-820 Series is a family of next-generation firewall appliances that help secure enterprise branches and midsize business by preventing a broad range of cyberthreats while safely enabling applications.

Palo Alto PA-820 Firewall


App-ID firewall throughput 940 Mbps
Threat prevention throughput 610 Mbps
IPSec VPN throughput 400 Mbps
New sessions per second 8.300
Max sessions 128.000
Virtual systems (base) 1

Hardware Specification

Interfaces supported4 4x 10/100/1000, 8x SFP
Management I/O 10/100/1000 out-ofband management, 2x 10/100/1000 high availability, RJ-45 console, USB, Micro USB console port
Rack mountable? 1U, 19” standard rack
Power supply 200W
Redundant power supply? No
Disk drives 240GB SSD
Hot swap fans No

Full visibility, granular control and power to prevent network threats


Classifies all applications, on all ports, all the time

PA-800 Series appliances identify any application, regardless of port, encryption (SSL or SSH) or evasive technique employed, and use the application – not the port – as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect and apply traffic-shaping. They also categorize unidentified applications for policy control, threat forensics or custom App-ID™ development.

Learn more >

Enforces security policies for any user, at any location

Enforces security policies for any user, at any location

The PA-800 Series NGFWs are integrated on multiple levels to facilitate policy deployment and enforcement. You can deploy consistent policies to local and remote users running on Windows®, macOS®, Linux, Android® or Apple® iOS platforms. You get agentless integration with Microsoft® Active Directory® and Terminal Services, LDAP, Novell® eDirectory™ and Citrix®, and you can integrate your firewall policies easily with 802.1X wireless, proxies, network access control and other sources of user identity.

Prevents known and unknown threats

Prevents known and unknown threats

PA-800 Series appliances block a range of threats, including exploits, malware and spyware, across all ports, regardless of common threat-evasion tactics employed. They limit the unauthorized transfer of files and sensitive data to safely enable applications. They also identify unknown malware, analyze it based on hundreds of malicious behaviors, and then automatically create and deliver protection.

Learn what’s new >