Hello all, it has been a long time since my last post, but do not worry, after a successful operation (just for health) I am ready again to disturb you with my boring posts...

Well today I would like to do my first post about Palo Alto and there is no better possibility rather than start explaining how works one of the best Firewall in the market.

Palo Alto NGFW has as a differential factor its architecture well-known as Single Pass Parallel Processing or SP3 in advance. This architecture involves two main components:

1. Single Pass Software.

Single Pass Sotware performs all operations only once per packet, that is, during a packet processing, routing is evaluated only once, user identification (User-id) only once, traffic classification (App-id) only once, signature matching for threats and contents (content-id) only once, policy lookup only once… so this feature highly reduces the system overhead.

Moreover, Single Pass Software uses uniform signature matching patterns so Palo Alto scans the contents only once (stream based) rather than separate scan engines and signature sets reducing the latency introduction and throughput degradation.

2. Parallel Processing Hardware.

Parallel Processing Hardware consist in two hardware dedicated backplanes, one for management and one for data, so there is parallel processing at hardware level causing a better performance, in fact, this could prevent that a backplane overhead affects the other and vice versa, because they have dedicated RAM and CPU as shown below:

This is a good way to not lose management if the dataplane was reaching its limits or to ensure traffic process independently of any management task we performs.

Briefing all, Palo Alto NGFW with its SP3 architecture ensures a really high performance with a very well designed workflow.