The Palo Alto PA-200 next-generation firewall (NGFW) safely enables applications and provides protection against modern cyber threats. Ideal for small organizations, branch offices, and retail locations, the PA-200 firewall appliance secures your network while enabling SD-WAN.


Why Choose Palo Alto Firewall PA-200?

Available in desktop form factor, the PA-200 brings to your business Palo Alto’s same PAN-OS features that protect large enterprise data centers. It includes high availability with active/active and active/passive modes. The PA-200 provides you with interactive visibility and control of applications, users, and content at throughput speeds of up to 100Mbps. Adopting a fanless design and solid-state drive storage, the PA-200 delivers quiet operation and low power consumption. With this hardware firewall, you get consistent power input for increased reliability.  The PA-220 also simplifies the distribution of large numbers of firewalls through the USB port.


Traffic classification

Tight security policies

Centralized management


Limited firewall throughput at 100Mbps

Limited maximum new sessions per second at 1000

Limited number of I/O ports at 4

Key Features

Palo Alto PAN-OS.

Running on Palo Alto’s PAN-OS, the PA-200 classifies all traffic. This includes applications, content, and threat. These business elements and, more importantly, the user, serve as the basis of security policies. With PAN-OS, the PA-200 offers improved security posture and fast response time.

Application Classification.

The PA-200 can classify applications, regardless of port, the evasive technique used, and encryption employed (SSH or SSL). This firewall appliance works all the time, focusing on the applications, including unidentified ones, and not the ports. This capability serves as your basis in creating and implementing policy decisions in your network.

Protection Against All Threats.

Once an application went fully classified, you can protect your network from a range of cyberattacks. The PA-200 enables you to allow specific applications and deny others to reduce the network threat footprint. Coordinated cyberattack protection can then be applied to block known malware sites, prevent vulnerabilities, and avoid malicious DNS queries.

Versatile Compatibility.

Extending its coverage, the PA-200 enforces security policies on both local and remote users. These policies consistently work regardless of the device’s platform, whether it’s Android, iOS, macOS or Windows. This hardware firewall allows for agentless integration with Citrix, LDAP, Novell eDirectory, and Microsoft Active Directory and Terminal Services. The PA-200 also integrates your firewall policies with network access control, 802.1X wireless proxies, and other sources of user identity information.

Virtualized Sandbox.

Capable of blocking known and unknown threats, the PA-200 prevents malware and exploits entering your network. By safely enabling non-work-related Internet activities, this hardware firewall effectively controls the transfer of unauthorized files and sensitive data. It also evaluates unknown malware based on behaviors, then it provides protection when needed. Unknown malware components found within the applications on your network are analyzed in a virtualized sandbox environment. Once new malware got discovered, a signature for the infecting file and related malware traffic is automatically generated and delivered to you.

Other Features

NAT Support

LDAP Support

VLAN Support

IPv6 Support


IPv4 Support

cCSAus, CB Safety


Firewall Throughput: 100Mbps
Maximum New Sessions Per Second: 1000
Maximum Concurrent Sessions: 64000
Integrated I/O: 4x Gigabit Ethernet
Storage Capacity: 16GB SSD
Serial Ports: LAN and USB
Form Factor: Desktop
Power Supply: 40W
Dimensions: 234.95 x 177.8 x 44.45mm
Weight: 1.27kg

How To Use

  • Attach the rubber pads to the recessed circles on the bottom of the Palo Alto PA-200 and then place the firewall on a flat stable surface.
  • Remove the screw and star washer from the ground point on the back of the firewall.
  • Crimp a 14AWG ground cable to a ring lug. Place the ring lug over the screw and the star washer. Torque the screw and then connect the other end of the cable to earth ground.
  • Connect the PA-220 to a power source. The hardware firewall comes with an external power adapter that converts an AC power source to DC power.
  • Connect the DC connector from the power adapter into the PWR 1 port on the firewall and tighten the connector nut to secure the cable to the firewall.
  • Plug the AC connector from the power adapter into your AC power source. After power is connected, the firewall powers on as indicated by the green power LED next to the PWR 1 port.
  • The front PWR LED shows green when a functioning power adapter is connected.

About Palo Alto

Palo Alto anchors on its 14 years of experience in developing firewall and cybersecurity solutions. A trusted industry leader, Palo Alto empowers 65,000 enterprise customers around the globe. The company is an 8-time Gartner Magic Quadrant Leader for network firewalls.

Final Thoughts

The Palo Alto PA-220 belongs to the best network hardware firewall in the market on our list. However, its small form factor clearly suggests that it performs more effectively in small organizations, branch offices, and retail locations. Overall, PA-220 is an excellent firewall for small network infrastructures.


If you want to go through more hardware firewall products in the market, feel free to go through other hardware firewall reviews on the site.