Solution Overview
Net Optics and Palo Alto Networks are excited to offer
our customers an easily deployed and scalable solution
for maintaining network uptime while protecting it from
the many network security threats that exist today. The
Palo Alto Networks and Net Optics partnership delivers
a security solution consisting of Palo Alto Networks
PA-5000 Series of next-generation firewalls; Net Optics
Bypass™ (IBPO-HBSR-XFP); and Net Optics xBalancer™ (XF-
2XB). This solution enables customers to scale their Palo
Alto Networks deployments as their needs grow, while
maintaining network uptime through the use of easy-to-
implement High Availability (HA) features.
Palo Alto Networks’ PA-5000 Series of next-generation
firewalls is designed to protect data centers, large
enterprise Internet gateways, and service provider
environments where traffic demands dictate predictable
firewall and threat prevention throughput. These high
performance platforms are tailor-made to provide
enterprise firewall protection at throughput speeds of up
to 20 Gbps. Ideally suited for both datacenter and service
provider deployments, the PA-5000 Series is powered by
more than 40 processors distributed across four functional
areas: networking, security, content inspection and
management. Reliability and resiliency is delivered by
active/active or active/passive high availability; physical
separation of data and control plane; and redundant, hot
swappable components.
ONOFF
Router Switch
Net Optics iBypass
Net Optics xBalancer
Net Optics Bene�ts
Palo Alto Bene�ts
• iBypass ensures network uptime by monitoring xBalancer• Up to 16 NGFW in a single load balancing group• Maintain session stickiness through all PA-5000• Tool monitoring through configurable heartbeat packet
• App-ID: Classifying All Applications, All Ports, All the Time• Content-ID: Protecting Allowed Traffic• User-ID: Enabling Applications by Users and Groups• Secure Application Enablement
Palo Alto Networks PA-5000
Palo Alto Networks PA-5000 Palo Alto Networks PA-5000
Partner I Solution Brief
Palo Alto Networks and Net OpticsNext-generation Firewall Security with Expanding Scalability
A secure, resilient solution that expands easily to accommodate growth
• Easilyscaledeploymenttomeetgrowingneeds
• Handleincreasingtrafficvolumeswithoutinvestinginnew 10G capital equipment
• Protectyourapplicationinfrastructureagainstnetwork and application downtime
• Preventdevicefailurethrougheasy-to-implementhigh availability features
Figure 1
With this partnership solution, the Net Optics Bypass Switch
and xBalancer together with the Palo Alto NGFW gives
customers a solution that provides superior performance,
scalability, and resiliency for demanding network
environments. The use of a heartbeat to monitor both the
xBalancer and Palo Alto devices ensures that HA scenarios
are accounted for and provides a security solution which
can easily scale and maintain network uptime while offering
protection from threats that exist in networks today.
See Figure 1 for an illustration of how the solution works.
The Bypass Switch has two network ports which are
connected in-line to the upstream and downstream network
devices and two Monitor ports that connect to the Palo Alto
Networks solution. Under normal network conditions, the
Bypass Switch will pass a heartbeat through the appliance
to ensure operation and all network traffic will be routed
through the firewall.
xBalancer
Net Optics xBalancer is the first appliance in the industry built
specifically to prevent tool overburdening by distributing
the traffic load to multiple monitoring tools. xBalancer
thus allows customers to scale their deployments as the
need grows while insulating the network from device
failure through the use of easily implemented HA features.
xBalancer’s load-balancing capability splits traffic into
multiple streams so that data can be processed by multiple
tools working in parallel. It takes traffic from any network
port or aggregated set of network ports and distributes it to
two, three, four, or up to sixteen monitor ports for balancing
according to IP address, port, protocol, VLAN, and MAC
address, or other parameters.
Bypass Switches
By using a Net Optics Bypass Switch, customers can rest easy
knowing that their security solution won’t become a network
problem. The Bypass Switch will monitor the xBalancer
and in case of failure protect the network link in in-line
Net Optics® is a registered trademark of Net Optics, an Ixia company. Copyright 1996-2013 Net Optics, an Ixia company. All rights reserved. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.Palo Alto Networks and the Palo Alto Networks logo are registered trademarks or trademarks of Palo Alto Networks, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied.
5303 Betsy Ross DriveSanta Clara, CA 95054Main: +1 (408) 737-7777www.netoptics.com
3300 Olcott StreetSanta Clara, CA 95054Main: +1 (408) 753-4000www.paloaltonetworks.com
Partner I Solution Brief
deployments. The Bypass Switch will also immediately detect
the change, either by link-state or by loss of the heartbeats,
and will re-route traffic around the xBalancer. Once xBalancer is
brought back online, traffic automatically resumes. Net Optics
offers a range of Bypass Switches, with copper or fiber ports,
and speeds of 10/100/1000 Mbps and 10 Gbps. The Bypass
Switches provide redundant power to maximize reliability of
the network. The joint solution from Palo Alto Networks and
Net Optics provides next-generation load-balancing capability
without compromising on reliability.
Net Optics
Net Optics is the leading provider of Total Application and
Network Visibility solutions that deliver real-time network
intelligence for peak performance in network monitoring and
security. As a result, businesses achieve the scalable end-to-
end visibility they need to optimize network performance of
physical, virtual and private cloud environments, and remote
branch offices. More than 8,000 enterprises, service providers
and government organizations—including 85 percent of the
Fortune 100—trust Net Optics’ comprehensive plug and play
family of application-aware NPM, Network Packet Broker,
Virtual/Cloud and Visibility Management System (VMS) solutions
to deliver immediate results and quick time to value through an
easy-to-use interface. Net Optics maintains a global presence
through leading OEM partner and reseller networks.
Palo Alto Networks
Palo Alto Networks™ next-generation firewalls enable
unprecedented visibility and granular policy control of
applications and content – by user, not just IP address – at 20
Gbps network throughput levels. Based on patent pending App-
ID™ technology, Palo Alto Networks firewalls accurately identify
and control applications – regardless of port, protocol, evasive
tactic or SSL encryption – and scan content to stop threats and
prevent data leakage. Enterprises can, for the first time, embrace
Web 2.0 and maintain complete visibility and control, while
significantly reducing total cost of ownership through device
consolidation.