any suggestion to replace current PA3020?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

any suggestion to replace current PA3020?

L1 Bithead

Hi.

we are planning to replace/upgrade current PA3020 to a newer PA model.

could you please suggest which model is the best suitable with my requirement below?

thank you.

 

Current PA3020 Setup Info

- using 5 virtual routers

- using aggregate interfaces

- as Internet Gateway

- as small Data Center Gateway (AD, some storages and a few apps)

- around 500 users 

- the firewall interfaces will be connected to 2.5G or 10G interfaces at switch.

 

4 REPLIES 4

Cyber Elite
Cyber Elite

Hi @zinkt101 ,

 

The PA-1410 is a great replacement NGFW for the PA-3020.

 

  • 10 virtual routers
  • LACP
  • 3x threat prevention throughput of 3.2 Gbps
  • almost 1M max sessions
  • 2.5G and 10G interfaces

The PA-400 Series do not have 10G interfaces.  I would not purchase an older model.  The PA-1410 will have a longer life span.

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.

hi  Thank you for your suggestion. If I were to choose from the 1400 series, I would prefer the PA-1420 because it has 8 Ethernet interfaces with 2.5/5G capabilities, compared to the PA-1410 which only has 4 interfaces.

 

I have setup budget for PA3410 🙂

do you know how is the difference between PA 3400 series and PA1400 series.

Also, I found out that the PA-1420 can support only up to 1500 security rules.

 

this is the current usage of PA3020

 

- we don't use SSL decryption

- data plane status is Max 50 - 60%

- Max session is around 65000/250000

- security rules - 500 - 700/2500

- virtual router 6/10 with segmentation

 

@TomYoung

thank you for your suggestions   

If I were chosen PA1400 series, I would choose PA1420 because it has eight 2.5/5 Gigabit ethernet interfaces compared to PA1410 which has only 4 interfaces.

I also found that PA1420 support only 1500 security policy rules which is too less compared to PA3410.

 

I have budget set for PA3410 🙂 

 

do you know what is the big difference between PA1400 series and PA3400 series.

 

the current PA3020 utilization is as below.

 

- we don't use SSL decryption

- data plane status is Max 50 - 60%

- Max session is around 65000/250000

- security rules - 500 - 700/2500

- virtual router 6/10 with segmentation

@TomYoung

Cyber Elite
Cyber Elite

Hi @zinkt101 ,

 

The Product Selection tool is a great way to compare NGFWs -> https://www.paloaltonetworks.com/products/product-comparison?chosen=pa-3410,pa-1420,pa-3420.

 

It should highlight the main differences.

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.
  • 2240 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!