EasyManua.ls Logo

PaloAlto Networks ION 2000 - User Manual

PaloAlto Networks ION 2000
34 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
Loading...
ION 2000 Hardware Reference
docs.paloaltonetworks.com

Table of Contents

Question and Answer IconNeed help?

Do you have a question about the PaloAlto Networks ION 2000 and is the answer not in the manual?

Overview

  1. Technical Specifications
  2. I/O
  3. Throughput
  4. Power and Mechanical
  5. Certifications
  6. Environmental
  7. Physical
  8. Usage Features
  9. Installation
  10. Deployment Modes
  11. Front Panel LEDs
  12. Power On/Off/Reboot
  13. Maintenance Features
  14. Tamper Proof Statement
  15. Product Safety Warnings
  16. Documentation
  17. Third-Party Component Support

The Palo Alto Networks ION 2000 is an enterprise branch appliance designed for Prisma SD-WAN (Software-Defined Wide Area Network) deployments. It transforms traditional WANs by enabling the combination of heterogeneous underlying transports into a unified hybrid WAN. The ION 2000 establishes service-level agreements (SLAs) for security, path selection, and application performance, providing direct insight into end-user application performance for traditional, SaaS, modern, and encrypted applications. It communicates bi-directionally with the Prisma SD-WAN controller for device, application, and WAN configuration, as well as analytics.

The ION 2000 can be deployed in a standalone fashion for direct-to-internet scenarios, offering granular control and visibility without a data center device. Alternatively, it can be used in conjunction with ION 7000 or ION 9000 devices in the data center to create a secure, full-mesh fabric across the WAN. Deployment options include:

  • Standalone Prisma ION 2000 (No HA)
  • Prisma ION 2000 + Existing Router HA
  • Prisma ION 2000 + Prisma ION 2000 HA

Technical Specifications:

I/O:

  • Controller: 1 x 10/100/1000 RJ-45 port. This port is used for communication with the Prisma SD-WAN controller and is configured as a DHCP client by default.
  • WAN/LAN/Internet Ports: 5 x 10/100/1000 RJ-45 ports. Ports 1-5 are used for internet, local area network (LAN), or private router/multi-path label switching (MPLS) connectivity. WAN or LAN ports can be coupled or de-coupled as needed. By default, ports 2 and 3 are DHCP-enabled.
  • Fail-to-Wire Port Pair: By default, ports 4 and 5 are pre-configured as a fail-to-wire port pair, which can be set to fail open or closed.
  • AUX Port: An auxiliary access port for offline access, configuration, and troubleshooting during installation.
  • USB Port: Reserved for future use.

Throughput:

  • Standard Throughput: Up to 250 Mbps.
  • Encrypted Throughput: Measured at 1400 byte HTTP packets with all features turned on.

Power and Mechanical:

  • Type/Watts: 1 x 36W Power Adapter.
  • Power Input: AC 100~240 V @50~60 Hz.
  • Fan Cooling: Fanless design.

Certifications:

  • FCC/UL, CE (EMC).
  • VCCI Class B (Japan) compliant.
  • KCC Class B (Korea) compliant.
  • UL Product Ambient Temperature: 0~40 degree C.
  • CE (European Union (EU)) Electromagnetic Compatibility Directive (2014/30/EU) and Low Voltage Directive (2014/35/EU) compliant for devices without radios.
  • CE (European Union (EU)) Radio Equipment Directive (2014/53/EU) compliant for devices with radios (ION 1200-C-ROW, ION 1200-C5G-WW).
  • ICES (Canadian EMC Compliance Statement) Class B digital apparatus compliant with Canadian ICES-003.

Environmental:

  • Operating Temperature: 32°F to 104°F (0°C to 40°C).
  • Storage Temperature: -4°F to 158°F (-20°C to 70°C).
  • Operating Humidity: 5% to 90% (non-condensing).
  • Storage Humidity: 5% to 95% (non-condensing).

Physical:

  • Weight: 2.64 lbs (1.2 kg).
  • Dimensions: 6.97" x 1.73" x 5.73" (177mm x 44mm x 145.5mm).

Usage Features:

Installation:

The ION 2000 can be rack-mounted or wall-mounted.

  • Rack Mount: Requires an optional rack-mount kit with two L-shaped brackets and a screw kit. The brackets attach to the sides of the device, which is then mounted onto a standard 19-inch rack.
  • Wall Mount: Requires an optional wall-mount kit with two wall brackets and a screw kit. The brackets attach to the device, and the device is then secured to the wall using wall anchors and screws.

Deployment Modes:

  • With an Existing Router (Analytic or Control Mode): The ION 2000 is inserted into the network without modifying existing network settings. It uses an inline insertion method with fail-to-wire redundancy to inspect or process traffic, requiring only physical changes. The controller port connects to an existing DHCP-enabled LAN with internet access. Internet ports (from ports 1-3) are plugged into a broadband internet source and are protected by a firewall. Private WAN connections use ports 4 and 5.
  • Replacing the Router (Control Mode): The ION 2000 acts as a drop-in replacement for a WAN router, useful for new sites without a traditional router. Cabling is prepared, the device is mounted, and power is connected. Internet access (broadband or temporary private network) is required for remote configuration.

Front Panel LEDs:

  • Disk Status: Orange light (blinking) indicates disk activity.
  • Controller Connectivity Status: Blue light indicates connected, Red light indicates not connected.
  • Power Status: Green light indicates powered on, No light indicates powered off.

Power On/Off/Reboot:

  • Power On: Connect power cables to the device and an AC outlet. The power indicator turns green.
  • Shut Down: Can be done using the debug shutdown command in the Device Toolkit (ensure physical accessibility for restart) or by pressing the power switch 5 times (press and hold for 1 second, then release).
  • Reboot: Press the power switch 3 or 4 times.

Maintenance Features:

Tamper Proof Statement:

Upon receipt, users should verify:

  • The tracking number matches the physical label on the box/crate.
  • The integrity of the tamper-proof tape sealing the box/crate.
  • The integrity of the warranty label on the firewall/appliance.

Product Safety Warnings:

  • ESD Protection: Wear an electrostatic discharge (ESD) strap when installing or servicing components with exposed circuits.
  • Cabling: Use grounded and shielded Ethernet cables for EMC compliance.
  • Voltage: Do not connect a supply voltage exceeding the input range.
  • Battery Replacement: Do not replace batteries with an incorrect type to avoid explosion. Dispose of used batteries according to local regulations.
  • I/O Ports: Intended for intra-building connections only, not for OSP (Outside Plant) or network connections subject to external voltage surge events.
  • Power Supplies (for devices with two or more): Disconnect all power cords (AC or DC) to fully de-energize the hardware due to shock hazard.

Documentation:

  • The most recent version of the guide and related documentation are available on the Technical Documentation portal at docs.paloaltonetworks.com.
  • A search page is available at docs.paloaltonetworks.com/search.html.
  • Feedback or questions can be submitted via comments on any portal page or by emailing documentation@paloaltonetworks.com.

Third-Party Component Support:

Users should review the Palo Alto Networks Third-Party Component Support statement before installing third-party hardware.

PaloAlto Networks ION 2000 Specifications

General IconGeneral
BrandPaloAlto Networks
ModelION 2000
CategoryFirewall
LanguageEnglish

Related product manuals