Skip to Content

PSE – Strata: If NGFW already has ATP enabled, what is the throughput impact of enabling AURLF?

Question

If a Palo Alto Networks Next-Generation Firewall (NGFW) already has Advanced Threat Prevention (ATP) enabled what is the throughput impact of also enabling Wildfire and Advanced URL Filtering (AURLF)?

A. The throughput will decrease with each additional subscription enabled.
B. The throughput will remain consistent, but the maximum number of simultaneous sessions will decrease.
C. The throughput will remain consistent regardless of the additional subscriptions enabled.
D. The throughput will decrease, but the maximum simultaneous sessions will remain consistent.

Answer

A. The throughput will decrease with each additional subscription enabled.

Explanation

The impact of enabling Wildfire and Advanced URL Filtering on a Palo Alto Networks Next-Generation Firewall that already has Advanced Threat Prevention enabled depends on the model and configuration of the firewall. However, a possible answer is:

A. The throughput will decrease with each additional subscription enabled. This is because each subscription adds more processing and inspection to the traffic, which can affect the performance and latency of the firewall. The amount of decrease may vary depending on the firewall hardware and software capabilities, as well as the traffic volume and characteristics.

The other options are not correct because:

B. The throughput will remain consistent, but the maximum number of simultaneous sessions will decrease. This is not likely to be true, as the number of sessions is determined by the firewall memory and session table size, not by the subscriptions enabled.

C. The throughput will remain consistent regardless of the additional subscriptions enabled. This is not likely to be true, as each subscription adds more processing and inspection to the traffic, which can affect the performance and latency of the firewall.

D. The throughput will decrease, but the maximum simultaneous sessions will remain consistent. This is not necessarily true, as the number of sessions may also be affected by the traffic volume and characteristics, as well as the firewall memory and session table size.

Reference

Palo Alto Networks System Engineer Professional PSE – Strata certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Palo Alto Networks System Engineer Professional PSE – Strata exam and earn Palo Alto Networks System Engineer Professional PSE – Strata certification.