Enable identity-based controls in a cloud-first world
Managing identities has become challenging. See our approach.
PAN-OS 11.1
PAGE
Search
PAN-OS 12.1 Orion : Quantum Readiness View
A Central Dashboard for Identifying and Remediating Cryptographic Risk, Guiding Your Organization to a Quantum-Secure Future.
Palo Alto Networks named a Leader in the 2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
Palo Alto Networks delivers consistent, AI-powered security from one platform.
A CISO's Guide to Quantum Security - A Six-Part Series
Quantum Computing: Closer than you think, not as difficult as you expect
Modernize Your Network Security With Artificial Intelligence
Key Principles to Adopting a Zero Trust, AI-Powered Approach to Network Security
The Forrester Wave™: Enterprise Firewalls, Q4 2022 Report
Palo Alto Networks named a Leader in Enterprise Firewalls.
Know your app traffic
Understand the true identity of your applications
PAN-OS® includes App-ID™, our patented traffic classification technology. It automatically discovers and controls new applications — even those that try to evade detection by masquerading as legitimate traffic, hopping ports or sneaking through firewalls under encryption. Plus, our latest post-Quantum cryptographic algorithms prohibit nonsanctioned activity, using vulnerability signatures and threat reporting.
Manage user access
Authenticate and authorize users and achieve Zero Trust for identity
Safeguard your data with PAN-OS post-Quantum VPNs that are based on open standards. Cloud Identity Engine also helps aggregate and synchronize user information across identity providers, allowing consistent authentication and authorization of users, regardless of location and where user identity stores reside. This is all done with point-and-click configuration that automatically synchronizes identity across all identity providers.
Create device-based rules
Manage device security on your network with ease
Device-ID™, a feature of PAN-OS, provides policy rules for devices regardless of changes to IP address or location. Gain context for how events relate to devices and device policies. PAN-OS can help improve security, decryption, QoS and authentication policies.
Scan traffic content
Block exploits that evade other security methods
Similar to Device-ID and App-ID, Content-ID™ gives you the power to understand and control the content of traffic moving through your network. Content-ID provides comprehensive threat protection in a single scan of network traffic, optimizing your NGFW performance.
Maximize throughput
Enable high-throughput, low-latency security
The traditional strategy of simply adding more and more security features results in performance degradation and increased latency. Our single-pass architecture performs all necessary security functions in a single scan, reducing complexity and minimizing total cost of ownership.
Secure encrypted traffic
Protect against threats that hide behind encryption
Unless inspected, encrypted traffic leaves organizations blind to security risks hidden inside. Hackers take advantage of this lack of visibility to deliver malware within encrypted traffic. PAN-OS provides comprehensive decryption for TLS and SSL encrypted traffic, including TLS 1.3 and HTTP/2.
Future proof VPN
Protect against threats that hide behind encryption
Unless inspected, encrypted traffic leaves organizations blind to security risks hidden inside. Hackers take advantage of this lack of visibility to deliver malware within encrypted traffic. PAN-OS provides comprehensive decryption for TLS and SSL encrypted traffic, including TLS 1.3 and HTTP/2.
Native web proxy support
Native web proxy support
Consolidate firewall and proxy into a single platform while managing capabilities through a centralized management platform to build policies. Support explicit proxy through PAC files and also transparent proxy.
Why PAN-OS 12.1 Orion Is Your Best
Defense Against Tomorrow's Threats, Today
Cloud Identity Engine
The industry’s most comprehensive user identity solution for network security, enabling you to deliver Zero Trust in a cloud-first world.
Streamline Data Collection and Analysis
To resolve an incident, you need to find the entry point and track down remnants even if adversaries tried to cover their tracks. The Cortex XDR Forensic module, integrated into the Cortex XDR agent, gathers comprehensive data and displays investigative details in an intuitive forensics workbench.
Rich forensics evidence:
Instantly access a wealth of artifacts, including event logs, registry keys, browser history, process execution, drives, command history and more.
Offline data collection:
Download a complete forensics snapshot of an air-gapped endpoint, upload it to Cortex XDR, and analyze it together with other forensics data.
Previous Innovations
In addition to the latest features in PAN-OS 12.1, you can also leverage innovations introduced in previous releases.
Become an expert in network security
Dive deeper into the technology behind our Next-Generation Firewalls by taking a curated journey through relevant resources we’ve collected from our site.
Meet with us
Contact our team of PAN-OS experts today. We want to meet with you to help keep your network secure