Solution Overview

Net Optics and Palo Alto Networks are excited to offer

our customers an easily deployed and scalable solution

for maintaining network uptime while protecting it from

the many network security threats that exist today. The

Palo Alto Networks and Net Optics partnership delivers

a security solution consisting of Palo Alto Networks

PA-5000 Series of next-generation firewalls; Net Optics

Bypass™ (IBPO-HBSR-XFP); and Net Optics xBalancer™ (XF-

2XB). This solution enables customers to scale their Palo

Alto Networks deployments as their needs grow, while

maintaining network uptime through the use of easy-to-

implement High Availability (HA) features.

Palo Alto Networks’ PA-5000 Series of next-generation

firewalls is designed to protect data centers, large

enterprise Internet gateways, and service provider

environments where traffic demands dictate predictable

firewall and threat prevention throughput. These high

performance platforms are tailor-made to provide

enterprise firewall protection at throughput speeds of up

to 20 Gbps. Ideally suited for both datacenter and service

provider deployments, the PA-5000 Series is powered by

more than 40 processors distributed across four functional

areas: networking, security, content inspection and

management. Reliability and resiliency is delivered by

active/active or active/passive high availability; physical

separation of data and control plane; and redundant, hot

swappable components.

ONOFF

Router Switch

Net Optics iBypass

Net Optics xBalancer

Net Optics Bene�ts

Palo Alto Bene�ts

• iBypass ensures network uptime by monitoring xBalancer• Up to 16 NGFW in a single load balancing group• Maintain session stickiness through all PA-5000• Tool monitoring through configurable heartbeat packet

• App-ID: Classifying All Applications, All Ports, All the Time• Content-ID: Protecting Allowed Traffic• User-ID: Enabling Applications by Users and Groups• Secure Application Enablement

Palo Alto Networks PA-5000

Palo Alto Networks PA-5000 Palo Alto Networks PA-5000

Partner I Solution Brief

Palo Alto Networks and Net OpticsNext-generation Firewall Security with Expanding Scalability

A secure, resilient solution that expands easily to accommodate growth

• Easilyscaledeploymenttomeetgrowingneeds

• Handleincreasingtrafficvolumeswithoutinvestinginnew 10G capital equipment

• Protectyourapplicationinfrastructureagainstnetwork and application downtime

• Preventdevicefailurethrougheasy-to-implementhigh availability features

Figure 1

With this partnership solution, the Net Optics Bypass Switch

and xBalancer together with the Palo Alto NGFW gives

customers a solution that provides superior performance,

scalability, and resiliency for demanding network

environments. The use of a heartbeat to monitor both the

xBalancer and Palo Alto devices ensures that HA scenarios

are accounted for and provides a security solution which

can easily scale and maintain network uptime while offering

protection from threats that exist in networks today.

See Figure 1 for an illustration of how the solution works.

The Bypass Switch has two network ports which are

connected in-line to the upstream and downstream network

devices and two Monitor ports that connect to the Palo Alto

Networks solution. Under normal network conditions, the

Bypass Switch will pass a heartbeat through the appliance

to ensure operation and all network traffic will be routed

through the firewall.

xBalancer

Net Optics xBalancer is the first appliance in the industry built

specifically to prevent tool overburdening by distributing

the traffic load to multiple monitoring tools. xBalancer

thus allows customers to scale their deployments as the

need grows while insulating the network from device

failure through the use of easily implemented HA features.

xBalancer’s load-balancing capability splits traffic into

multiple streams so that data can be processed by multiple

tools working in parallel. It takes traffic from any network

port or aggregated set of network ports and distributes it to

two, three, four, or up to sixteen monitor ports for balancing

according to IP address, port, protocol, VLAN, and MAC

address, or other parameters.

Bypass Switches

By using a Net Optics Bypass Switch, customers can rest easy

knowing that their security solution won’t become a network

problem. The Bypass Switch will monitor the xBalancer

and in case of failure protect the network link in in-line

Net Optics® is a registered trademark of Net Optics, an Ixia company. Copyright 1996-2013 Net Optics, an Ixia company. All rights reserved. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.Palo Alto Networks and the Palo Alto Networks logo are registered trademarks or trademarks of Palo Alto Networks, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied.

5303 Betsy Ross DriveSanta Clara, CA 95054Main: +1 (408) 737-7777www.netoptics.com

3300 Olcott StreetSanta Clara, CA 95054Main: +1 (408) 753-4000www.paloaltonetworks.com

Partner I Solution Brief

deployments. The Bypass Switch will also immediately detect

the change, either by link-state or by loss of the heartbeats,

and will re-route traffic around the xBalancer. Once xBalancer is

brought back online, traffic automatically resumes. Net Optics

offers a range of Bypass Switches, with copper or fiber ports,

and speeds of 10/100/1000 Mbps and 10 Gbps. The Bypass

Switches provide redundant power to maximize reliability of

the network. The joint solution from Palo Alto Networks and

Net Optics provides next-generation load-balancing capability

without compromising on reliability.

Net Optics

Net Optics is the leading provider of Total Application and

Network Visibility solutions that deliver real-time network

intelligence for peak performance in network monitoring and

security. As a result, businesses achieve the scalable end-to-

end visibility they need to optimize network performance of

physical, virtual and private cloud environments, and remote

branch offices. More than 8,000 enterprises, service providers

and government organizations—including 85 percent of the

Fortune 100—trust Net Optics’ comprehensive plug and play

family of application-aware NPM, Network Packet Broker,

Virtual/Cloud and Visibility Management System (VMS) solutions

to deliver immediate results and quick time to value through an

easy-to-use interface. Net Optics maintains a global presence

through leading OEM partner and reseller networks.

Palo Alto Networks

Palo Alto Networks™ next-generation firewalls enable

unprecedented visibility and granular policy control of

applications and content – by user, not just IP address – at 20

Gbps network throughput levels. Based on patent pending App-

ID™ technology, Palo Alto Networks firewalls accurately identify

and control applications – regardless of port, protocol, evasive

tactic or SSL encryption – and scan content to stop threats and

prevent data leakage. Enterprises can, for the first time, embrace

Web 2.0 and maintain complete visibility and control, while

significantly reducing total cost of ownership through device

consolidation.