Palo Alto Networks Enterprise Firewall PA-5220
No Compromise Security, High-Performance Versatility
Looking for sizing recommendation? Take our Firewall Sizing Survey
Please Note: We cannot provide sizing recommendations for Palo Alto firewalls being deployed outside of the United States. Palo Alto firewalls are only available for
licensed businesses (not home users). Palo Alto firewalls cannot be sold outside of the United States excluding Canada. 1 Year minimum of Partner Enabled Backline Support is required for all new Palo Alto firewall purchases
Palo Alto Networks Products
PA-5200 Series Hardware
-
Palo Alto Networks PA-5220 with redundant AC power supplies#PAN-PA-5220-AC
List Price:$56,440.00
Our Price: $53,618.00
-
Palo Alto Networks PA-5220 with redundant DC power supplies#PAN-PA-5220-DC
List Price:$56,440.00
Our Price: $53,618.00
Partner Enabled Premium Support
-
Partner enabled premium support year 1, PA-5220#PAN-SVC-BKLN-5220
Our Price: $10,160.00
-
Partner enabled premium support year 1 renewal, PA-5220#PAN-SVC-BKLN-5220-R
Our Price: $10,160.00
-
Partner enabled premium support 3 year prepaid, PA-5220#PAN-SVC-BKLN-5220-3YR
Our Price: $30,480.00
-
Partner enabled premium support 3 year prepaid renewal, PA-5220#PAN-SVC-BKLN-5220-3YR-R
Our Price: $30,480.00
-
Partner enabled premium support 5 year prepaid, PA-5220#PAN-SVC-BKLN-5220-5YR
Our Price: $50,800.00
-
Partner enabled premium support 5 year prepaid renewal, PA-5220#PAN-SVC-BKLN-5220-5YR-R
Our Price: $50,800.00
Click here to jump to more pricing!
Overview:
Key Security Features:
Classifies all applications, on all ports, all the time- Identifies the application, regardless of port, encryption (SSL or SSH), or evasive technique employed
- Uses the application, not the port, as the basis for all of your safe enablement policy decisions: allow, deny, schedule, inspect and apply traffic-shaping
- Categorizes unidentified applications for policy control, threat forensics or App-ID™ application identification technology development
- Deploys consistent policies to local and remote users running on the Windows®, Mac® OS X®, Linux®, Android™ or Apple® iOS platforms
- Enables agentless integration with Microsoft® Active Directory® and Terminal Services, LDAP, Novell® eDirectory™ and Citrix®
- Easily integrates your firewall policies with 802.1X wireless, proxies, NAC solutions, and any other source of user identity information
- Blocks a range of known threats, including exploits, malware and spyware, across all ports, regardless of common threat-evasion tactics employed
- Limits the unauthorized transfer of files and sensitive data, and safely enables non-work-related web surfing
- Identifies unknown malware, analyzes it based on hundreds of malicious behaviors, and then automatically creates and delivers protection
The controlling element of the PA-5200 Series is PAN-OS®, security operating system, which that natively classifies all traffic, inclusive of applications, threats and content, and then ties that traffic to the user, regardless of location or device type. The application, content and user – in other words, the business elements that run your business – are then used as the basis of your security policies, resulting in an improved security posture and a reduction in incident response time.
| Performance and Capacities1 | PA-5260 | PA-5250 | PA-5220 |
| Firewall throughput2 (App-ID enabled) | 72.2 Gbps | 35.9 Gbps | 18.5 Gbps |
| Threat prevention throughput3 | 30 Gbps | 20.3 Gbps | 9.2 Gbps |
| IPsec VPN throughput | 21 Gbps | 14 Gbps | 5 Gbps |
| Max sessions | 32,000,000 | 8,000,000 | 4,000,000 |
| New sessions per second4 | 458,000 | 348,000 | 169,000 |
| Virtual systems (base/max5) | 25/225 | 25/125 | 10/20 |
- Performance and capacities are measured under ideal testing conditions.
- Firewall throughput measured with App-ID and User-ID features enabled utilizing 64K HTTP transactions
- Threat prevention throughput measured with App-ID, User-ID, IPS, AntiVirus and Anti-Spyware features enabled utilizing 64K HTTP transactions
- New sessions per second is measured with 4K HTTP transactions
- Adding virtual systems base quantity requires a separately purchased license
Networking Features:
| Interface Modes |
|
| Routing |
|
| IPv6 |
|
| IPsec VPN |
|
| VLANs |
|
| Network Address Translation (NAT) |
|
| High Availability |
| Modes: Active/Active, Active/Passive Failure detection: Path monitoring, interface monitoring |
Technical Specifications:
| I/O |
PA-5260 | PA-5250 - (4) 100/1000/10G Cu, (16) Gig/10Gig SFP/SFP+, (4) 40G/100G QSFP28 PA-5220 – (4)100/1000/10G Cu, (16) Gig/10Gig SFP/SFP+, (4) 40G QSFP+ |
| Management I/O |
PA-5260 | PA-5250 - (2) 10/100/1000, (1) 40G/100G QSFP28 HA, (1) 10/100/1000 out-of-band management, (1) RJ45 console port PA-5220 - (2) 10/100/1000, (1) 40G QSFP+ HA, (1) 10/100/1000 out-of-band management, (1) RJ45 console port |
| Storage Options |
Dual Solid State Disk Drives |
| Storage Capacity |
240GB SSD, RAID1, System Storage 2TB HDD, RAID1, Log Storage |
| Power (Max Power Consumption) |
870 Watts |
| Max BTU/hr |
2,970 |
| Power Supplies (base/max) |
1:1 Fully Redundant (2/2) |
| AC Input Voltage (input Hz) |
100-240VAC (50-60Hz) |
| AC Power Supply Output |
1200 Watt/power supply |
| Max Current |
AC power supplies — 6.5A@100-240VAC DC power supplies — 19A@-40 to -60VDC |
| Max Inrush Current |
AC power supplies — 50A@230VAC, 50A@120VAC DC power supplies — 200A@72VDC |
| Mean Time Between Failure (MTBF) |
9.23 Years |
| Rack Mount (Dimensions) |
3U, 19” Standard Rack 5.25”H X 20.5”D X 17.25”W (13.33cm X 52.07cm X 43.81cm) |
| Weight |
46lbs (20.87Kg) System only, 62lbs (28.13Kg) as shipped |
| Safety |
cCSAus, CB IEC60950-1 |
| EMI |
FCC Class A, CE Class A, VCCI Class A |
| Certifications |
See https://www.paloaltonetworks.com/company/certifications.html |
| Environment |
Operating Temperature: 32°F to 122°F (0° to 50°C) Non-Operating Temperature: -20° to 70°C (-4°F to 158°F) |
Documentation:
Download the Palo Alto Networks Firewall Overview Datasheet (PDF).
Download the Palo Alto Networks PA-5200 Series Specification Datasheet (PDF).
Pricing Notes:
- Pricing subject to change without notice.
- We cannot provide sizing recommendations for Palo Alto firewalls being deployed outside of the United States.
Palo Alto firewalls are only available for licensed businesses (not home users). Palo Alto firewalls cannot be sold outside of the United States excluding Canada. 1 Year minimum of Partner Enabled Backline Support is required for all new Palo Alto firewall purchases
-
Palo Alto Networks PA-5220 with redundant AC power supplies#PAN-PA-5220-AC
List Price:$56,440.00
Our Price: $53,618.00
-
Palo Alto Networks PA-5220 with redundant DC power supplies#PAN-PA-5220-DC
List Price:$56,440.00
Our Price: $53,618.00
-
Virtual systems upgrade - Additional 10 virtual systems (10 to 20) for PA-5220#PAN-PA-5220-VSYS-10
List Price:$20,160.00
Our Price: $19,152.00
Partner Enabled Premium Support
-
Partner enabled premium support year 1, PA-5220#PAN-SVC-BKLN-5220
Our Price: $10,160.00
-
Partner enabled premium support year 1 renewal, PA-5220#PAN-SVC-BKLN-5220-R
Our Price: $10,160.00
-
Partner enabled premium support 3 year prepaid, PA-5220#PAN-SVC-BKLN-5220-3YR
Our Price: $30,480.00
-
Partner enabled premium support 3 year prepaid renewal, PA-5220#PAN-SVC-BKLN-5220-3YR-R
Our Price: $30,480.00
-
Partner enabled premium support 5 year prepaid, PA-5220#PAN-SVC-BKLN-5220-5YR
Our Price: $50,800.00
-
Partner enabled premium support 5 year prepaid renewal, PA-5220#PAN-SVC-BKLN-5220-5YR-R
Our Price: $50,800.00
DNS Security Subscriptions
-
DNS Security subscription renewal, PA-5220#PAN-PA-5220-DNS-R
Request a Quote for Pricing!
-
DNS Security subscription 3-year prepaid, PA-5220#PAN-PA-5220-DNS-3YR
Request a Quote for Pricing!
-
DNS Security subscription 3-year prepaid renewal, PA-5220#PAN-PA-5220-DNS-3YR-R
Request a Quote for Pricing!
-
DNS Security subscription 5-year prepaid, PA-5220#PAN-PA-5220-DNS-5YR
Request a Quote for Pricing!
-
DNS Security subscription 5-year prepaid renewal, PA-5220#PAN-PA-5220-DNS-5YR-R
Request a Quote for Pricing!
DNS Security Subscriptions for device in an HA pair
-
DNS Security subscription for device in an HA pair year 1, PA-5220#PAN-PA-5220-DNS-HA2
Request a Quote for Pricing!
-
DNS Security subscription for device in an HA pair renewal, PA-5220#PAN-PA-5220-DNS-HA2-R
Request a Quote for Pricing!
-
DNS Security subscription 3 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-DNS-3YR-HA2
Request a Quote for Pricing!
-
DNS Security subscription 3 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-DNS-3YR-HA2-R
Request a Quote for Pricing!
-
DNS Security subscription 5 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-DNS-5YR-HA2
Request a Quote for Pricing!
-
DNS Security subscription 5 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-DNS-5YR-HA2-R
Request a Quote for Pricing!
GlobalProtect Subscriptions
-
GlobalProtect subscription renewal, PA-5220#PAN-PA-5220-GP-R
Request a Quote for Pricing!
-
GlobalProtect subscription 3-year prepaid, PA-5220#PAN-PA-5220-GP-3YR
Request a Quote for Pricing!
-
GlobalProtect subscription 3-year prepaid renewal, PA-5220#PAN-PA-5220-GP-3YR-R
Request a Quote for Pricing!
-
GlobalProtect subscription 5-year prepaid, PA-5220#PAN-PA-5220-GP-5YR
Request a Quote for Pricing!
-
GlobalProtect subscription 5-year prepaid renewal, PA-5220#PAN-PA-5220-GP-5YR-R
Request a Quote for Pricing!
GlobalProtect Subscriptions for device in an HA pair
-
GlobalProtect subscription for device in an HA pair year 1, PA-5220#PAN-PA-5220-GP-HA2
Request a Quote for Pricing!
-
GlobalProtect subscription for device in an HA pair renewal, PA-5220#PAN-PA-5220-GP-HA2-R
Request a Quote for Pricing!
-
GlobalProtect subscription 3 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-GP-3YR-HA2
Request a Quote for Pricing!
-
GlobalProtect subscription 3 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-GP-3YR-HA2-R
Request a Quote for Pricing!
-
GlobalProtect subscription 5 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-GP-5YR-HA2
Request a Quote for Pricing!
-
GlobalProtect subscription 5 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-GP-5YR-HA2-R
Request a Quote for Pricing!
Threat Prevention Subscriptions
-
Threat prevention subscription year 1, PA-5220#PAN-PA-5220-TP
Request a Quote for Pricing!
-
Threat prevention subscription renewal, PA-5220#PAN-PA-5220-TP-R
Request a Quote for Pricing!
-
Threat prevention subscription 3-year prepaid, PA-5220#PAN-PA-5220-TP-3YR
Request a Quote for Pricing!
-
Threat prevention subscription 3-year prepaid renewal, PA-5220#PAN-PA-5220-TP-3YR-R
Request a Quote for Pricing!
-
Threat prevention subscription 5-year prepaid, PA-5220#PAN-PA-5220-TP-5YR
Request a Quote for Pricing!
-
Threat prevention subscription 5-year prepaid renewal, PA-5220#PAN-PA-5220-TP-5YR-R
Request a Quote for Pricing!
Threat Prevention Subscriptions for device in an HA pair
-
Threat prevention subscription for device in an HA pair year 1, PA-5220#PAN-PA-5220-TP-HA2
Request a Quote for Pricing!
-
Threat prevention subscription for device in an HA pair renewal, PA-5220#PAN-PA-5220-TP-HA2-R
Request a Quote for Pricing!
-
Threat prevention subscription 3 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-TP-3YR-HA2
Request a Quote for Pricing!
-
Threat prevention subscription 3 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-TP-3YR-HA2-R
Request a Quote for Pricing!
-
Threat prevention subscription 5 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-TP-5YR-HA2
Request a Quote for Pricing!
-
Threat prevention subscription 5 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-TP-5YR-HA2-R
Request a Quote for Pricing!
URL filtering Subscriptions
-
BrightCloud URL filtering subscription renewal, PA-5220#PAN-PA-5220-URL2-R
Request a Quote for Pricing!
-
BrightCloud URL filtering subscription for device in an HA pair renewal, PA-5220#PAN-PA-5220-URL2-HA2-R
Request a Quote for Pricing!
-
PANDB URL filtering subscription year 1, PA-5220#PAN-PA-5220-URL4
Request a Quote for Pricing!
-
PANDB URL filtering subscription renewal, PA-5220#PAN-PA-5220-URL4-R
Request a Quote for Pricing!
-
PANDB URL filtering subscription 3-year prepaid, PA-5220#PAN-PA-5220-URL4-3YR
Request a Quote for Pricing!
-
PANDB URL filtering subscription 3-year prepaid renewal, PA-5220#PAN-PA-5220-URL4-3YR-R
Request a Quote for Pricing!
-
PANDB URL filtering subscription 5-year prepaid, PA-5220#PAN-PA-5220-URL4-5YR
Request a Quote for Pricing!
-
PANDB URL filtering subscription 5-year prepaid renewal, PA-5220#PAN-PA-5220-URL4-5YR-R
Request a Quote for Pricing!
URL filtering Subscriptions for device in an HA pair
-
PANDB URL filtering subscription for device in an HA pair year 1, PA-5220#PAN-PA-5220-URL4-HA2
Request a Quote for Pricing!
-
PANDB URL filtering subscription for device in an HA pair renewal, PA-5220#PAN-PA-5220-URL4-HA2-R
Request a Quote for Pricing!
-
PANDB URL filtering subscription 3 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-URL4-3YR-HA2
Request a Quote for Pricing!
-
PANDB URL filtering subscription 3 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-URL4-3YR-HA2-R
Request a Quote for Pricing!
-
PANDB URL filtering subscription 5 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-URL4-5YR-HA2
Request a Quote for Pricing!
-
PANDB URL filtering subscription 5 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-URL4-5YR-HA2-R
Request a Quote for Pricing!
WildFire Subscriptions
-
WildFire subscription 3-year prepaid, PA-5220#PAN-PA-5220-WF-3YR
Request a Quote for Pricing!
-
WildFire subscription 3-year prepaid renewal, PA-5220#PAN-PA-5220-WF-3YR-R
Request a Quote for Pricing!
-
WildFire subscription 5-year prepaid, PA-5220#PAN-PA-5220-WF-5YR
Request a Quote for Pricing!
-
WildFire subscription 5-year prepaid renewal, PA-5220#PAN-PA-5220-WF-5YR-R
Request a Quote for Pricing!
WildFire Subscriptions for device in an HA pair
-
WildFire subscription for device in an HA pair year 1, PA-5220#PAN-PA-5220-WF-HA2
Request a Quote for Pricing!
-
WildFire subscription for device in an HA pair renewal, PA-5220#PAN-PA-5220-WF-HA2-R
Request a Quote for Pricing!
-
WildFire subscription 3 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-WF-3YR-HA2
Request a Quote for Pricing!
-
WildFire subscription 3 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-WF-3YR-HA2-R
Request a Quote for Pricing!
-
WildFire subscription 5 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-WF-5YR-HA2
Request a Quote for Pricing!
-
WildFire subscription 5 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-WF-5YR-HA2-R
Request a Quote for Pricing!
4-hr Platinum Support
-
4-hr Platinum Support , year 1, PA-5220#PAN-SVC-4HR-PLAT-5220
Request a Quote for Pricing!
-
4-hr Platinum Support renewal , 1 year, PA-5220#PAN-SVC-4HR-PLAT-5220-R
Request a Quote for Pricing!
-
4-hr Platinum Support 3-year prepaid , PA-5220#PAN-SVC-4HR-PLAT-5220-3YR
Request a Quote for Pricing!
-
4-hr Platinum Support 3-year prepaid renewal , PA-5220#PAN-SVC-4HR-PLAT-5220-3YR-R
Request a Quote for Pricing!
-
4-hr Platinum Support 5-year prepaid , PA-5220#PAN-SVC-4HR-PLAT-5220-5YR
Request a Quote for Pricing!
-
4-hr Platinum Support 5-year prepaid renewal , PA-5220#PAN-SVC-4HR-PLAT-5220-5YR-R
Request a Quote for Pricing!
4-Hour Premium Support
-
4-Hour Premium support renewal, PA-5220#PAN-SVC-4HR-5220-R
Request a Quote for Pricing!
-
4-Hour Premium support 3-year prepaid, PA-5220#PAN-SVC-4HR-5220-3YR
Request a Quote for Pricing!
-
4-Hour Premium support 3-year prepaid renewal, PA-5220#PAN-SVC-4HR-5220-3YR-R
Request a Quote for Pricing!
-
4-Hour Premium support 5 year prepaid, PA-5220#PAN-SVC-4HR-5220-5YR
Request a Quote for Pricing!
-
4-Hour Premium support 5 year prepaid renewal, PA-5220#PAN-SVC-4HR-5220-5YR-R
Request a Quote for Pricing!
Platinum Support
-
Platinum support renewal , 1 year, PA-5220#PAN-SVC-PLAT-5220-R
Request a Quote for Pricing!
-
Platinum support 3-year prepaid , PA-5220#PAN-SVC-PLAT-5220-3YR
Request a Quote for Pricing!
-
Platinum support 3-year prepaid renewal , PA-5220#PAN-SVC-PLAT-5220-3YR-R
Request a Quote for Pricing!
-
Platinum support 5-year prepaid , PA-5220#PAN-SVC-PLAT-5220-5YR
Request a Quote for Pricing!
-
Platinum support 5-year prepaid renewal , PA-5220#PAN-SVC-PLAT-5220-5YR-R
Request a Quote for Pricing!
Premium Support
-
Premium support 3-year prepaid, PA-5220#PAN-SVC-PREM-5220-3YR
Request a Quote for Pricing!
-
Premium support 3-year prepaid renewal, PA-5220#PAN-SVC-PREM-5220-3YR-R
Request a Quote for Pricing!
-
Premium support 5 year prepaid, PA-5220#PAN-SVC-PREM-5220-5YR
Request a Quote for Pricing!
-
Premium support 5 year prepaid renewal, PA-5220#PAN-SVC-PREM-5220-5YR-R
Request a Quote for Pricing!
Standard Support
-
Standard support 3-year prepaid, PA-5220#PAN-SVC-STND-5220-3YR
Request a Quote for Pricing!
-
Standard support 3-year prepaid renewal, PA-5220#PAN-SVC-STND-5220-3YR-R
Request a Quote for Pricing!
-
2.5 inch spare 240GB SSD drives for PA-5200 Series, shipped in pair#PAN-2.5IN-SSD-240GB-PAIR
Our Price: $950.00
-
PA-5200 Series spare fan tray#PAN-PA-5200-FANTRAY
Our Price: $1,425.00
-
PA-5200 Series Filter Kit. Includes 2 filter frames and media.#PAN-PA-5200-FLTR
Our Price: $190.00
-
PA-5200 Series Filter Media Kit. Includes quantity 10 filter media. Does NOT include filter frames.#PAN-PA-5200-FLTR-MEDIA
Our Price: $95.00
-
Palo Alto Networks PA-5200 4 post rack mount kit.#PAN-PA-5200-RACK4
Our Price: $142.50
-
PA-5200 Series Accessory Kit#PAN-PA-5200-ACC
Our Price: $47.50
-
PA-5200 series shipping boxes - 5 cartons#PAN-PA-5200-BOX-SET
Our Price: $190.00
-
Imaged SSD for PA-5200 Series.#PAN-PA-5200-SSD-240GB-IMG
Our Price: $712.50
-
SD-WAN subscription year 1, PA-5220#PAN-PA-5220-SDWAN
Our Price: $11,290.00
-
SD-WAN subscription renewal, PA-5220#PAN-PA-5220-SDWAN-R
Our Price: $11,290.00
-
SD-WAN subscription 3-year prepaid, PA-5220#PAN-PA-5220-SDWAN-3YR
Our Price: $30,490.00
-
SD-WAN subscription 3-year prepaid renewal, PA-5220#PAN-PA-5220-SDWAN-3YR-R
Our Price: $30,490.00
-
SD-WAN subscription 5-year prepaid, PA-5220#PAN-PA-5220-SDWAN-5YR
Our Price: $50,810.00
-
SD-WAN subscription 5-year prepaid renewal, PA-5220#PAN-PA-5220-SDWAN-5YR-R
Our Price: $50,810.00
-
SD-WAN subscription for device in an HA pair year 1, PA-5220#PAN-PA-5220-SDWAN-HA2
Our Price: $10,170.00
-
SD-WAN subscription for device in an HA pair renewal, PA-5220#PAN-PA-5220-SDWAN-HA2-R
Our Price: $10,170.00
-
SD-WAN subscription 3 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-SDWAN-3YR-HA2-R
Our Price: $28,660.00
-
SD-WAN subscription 3 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-SDWAN-3YR-HA2
Our Price: $28,660.00
-
SD-WAN subscription 5 year prepaid for device in an HA pair, PA-5220#PAN-PA-5220-SDWAN-5YR-HA2
Our Price: $47,760.00
-
SD-WAN subscription 5 year prepaid renewal for device in an HA pair, PA-5220#PAN-PA-5220-SDWAN-5YR-HA2-R
Our Price: $47,760.00