The SonicWALL Network Security Appliance Series N E T WO R K SECU R I T Y Next Generation Unified Threat Management Protection Organizations of all sizes depend on their networks to access internal and external mission-critical applications. As advances in networking continue to provide tremendous benefit to organizations, they are increasingly challenged by sophisticated and financially-motivated attacks designed to disrupt communication, degrade performance and compromise data.n SonicWALL’s next Malicious attacks penetrate outdated stateful packet inspection firewalls by exploiting higher network generation security levels. Point products add layers of security, but are costly, difficult to manage, limited in controlling network misuse and ineffective against the latest multipronged attacks. The SonicWALL® Networkn Scalable multi-core Security Appliance (NSA) Series revolutionizes network security, utilizing a breakthrough multi-core hardware and design and patented Reassembly-Free Deep Packet Inspection™ (RFDPI) technology* offering Reassembly-Free Deep complete protection without compromising network performance. This platform was first made Packet Inspection available on the SonicWALL E-Class NSA Series, and it is now available for mid-sized organizations.n Stateful High Availability The NSA Series overcomes the limitations of existing security solutions by scanning the entirety of and load balancing each packet for current internal and external threats in real time. Built on a high-speed multi-core features processing platform, the NSA Series enables deep packet inspection without adversely impactingn High performance the performance of mission-critical networks and applications. and lowered TCO The NSA Series applies next-generation Unified Threat Management (UTM) against an Advanced routing services comprehensive array of attacks, combining intrusion prevention, anti-virus and anti- and networking features spyware with the application-level control of SonicWALL Application Intelligence Service. With advanced routing, stateful high-availability and high-speed IPSec and SSL VPN technology,n Standards-based Voice the NSA Series adds security, reliability, functionality and productivity to branch offices, central over IP (VoIP) sites and distributed mid-enterprise networks, while minimizing cost and complexity.n Secure distributed wireless Comprised of the SonicWALL NSA 240, 2400, NSA 3500 and NSA 4500, the NSA Series offers a LAN services scalable range of solutions designed to meet the network security needs of any organization.n Onboard Quality of Features and Benefits Service (QoS) SonicWALL’s next generation security incorporates Advanced routing services and networking features a new level of UTM that integrates intrusion prevention, incorporate advanced networking and security gateway anti-virus and anti-spyware and features the technology including 802.1q VLANs, Multi-WAN failover, Application Intelligence Service suite of configurable zone and object-based management, load balancing, tools to prevent data leakage and offer granular advanced NAT modes and more, providing granular application control. configuration flexibility and comprehensive protection Scalable multi-core hardware and Reassembly-Free at the administrator’s discretion. Deep Packet Inspection scans and eliminates threats Standards-based Voice over IP (VoIP) capabilities of unlimited file sizes, and provides virtually unrestricted provide the highest levels of security for every element of concurrent connections with uncompromising speed. the VoIP infrastructure, from communications equipment The NSA 240 can be configured using primary or to VoIP-ready devices such as SIP Proxies, H.323 Gatekeepers secondary modem or 3G wireless interfaces for future- and Call Servers. proofed extensibility. Secure distributed wireless LAN services enable the Stateful High Availability and load balancing appliance to function as a secure wireless switch and features in SonicOS 5.5 Enhanced maximize total controller that automatically detects and configures network bandwidth and maintain seamless network SonicPoints, SonicWALL wireless access points, for secure ™ uptime, delivering uninterrupted access to mission-critical remote access in distributed network environments. resources, and ensuring that VPN tunnels and other network Onboard Quality of Service (QoS) features use industry traffic will not be interrupted in the event of a failover. standard 802.1p and Differentiated Services Code Points High performance and lowered TCO are achieved (DSCP) Class of Service (CoS) designators to provide by using the processing power of multiple cores in powerful and flexible bandwidth management that is unison to dramatically increase throughput and provide vital for VoIP, multimedia content and business-critical simultaneous inspection capabilities, while lowering applications. power consumption. *U.S. Patent 7,310,815–A method and apparatus for data stream analysis and blocking.
Dynamic Security Architecture and Management SonicWALL Deep Packet Inspection Architecture Eliminated Threats & Non-business Traﬃc SonicWALL Real-time Automatic Threat Application Intelligence Intrusion Prevention 3 1 Gateway Anti-Virus Database Updates Unified Threat Content Filtering Anti-Spyware Clean VPN Management Clean Traﬃc Firewall Emerging Blended Threats Forwarding Viruses Engine Network I/O Engine Routing Spyware Traﬃc Traﬃc PROT Bandwidth L4 L2 L7 L3 IN Management Bandwidth OUT Exploits Management Defrag Stateful Classiﬁcation and Transformation Normal Flow Order Presentation 2 Update Engine Best-in-Class Threat Protection 1 SonicWALL deep packet inspection protects against This functionality allows threats to be identified and network risks such as viruses, worms, Trojans, spyware, eliminated over unlimited file sizes and unrestricted phishing attacks, emerging threats and Internet misuse. concurrent connections, without interruption. Application Application Intelligence adds highly- 3 The Network Security Appliance Series provides configurable controls to prevent data leakage and dynamic network protection through continuous, manage bandwidth at the application level. automated security updates, protecting against 2 The SonicWALL Reaseembly-Free Deep Packet emerging and evolving threats, without requiring Inspection (RFDPI) technology utilizes SonicWALL’s any administrator intervention. multi-core architecture to scan packets in real time without stalling traffic in memory. Unified Threat Management Load Balancing Multi-processor Core with Deep Packet Inspection Deep Packet Inspection Architecture Single processor designs that include multiple Intrusion Prevention Application Control Gateway Anti-Virus Content Filtering Anti-Spyware protection technologies are severely limited Clean VPN Firewall Processor UTM Load Balancing by a single centralized processor. SonicWALL UTM load balancing integrates a high-speed Processor deep packet inspection and traffic classification Tra c In Tra c Out engine onto multiple security cores inspecting Processor applications, files and content-based traffic in real time without significantly impacting Processor Inspection Performance performance or scalability. This enables the scanning and control of threats for networks Processor that carry bandwidth intensive and latency sensitive applications. Eliminated Threats Suppliers Internet Clean Tra cMobile Users UTM Engine Internal Network Telecommuters SonicWALL Clean VPN The Network Security Appliance Series includes innovative SonicWALL Clean VPN™ technology which decontaminates vulnerabilities and malicious code from remote mobile users Centralized Policy Management and branch offices traffic before it enters the corporate The Network Security Appliance Series can be managed network, and without user intervention. using the SonicWALL Global Management System (GMS), which provides flexible, powerful and intuitive tools to centrally manage configurations, view real-time monitoring metrics and integrate policy and compliance reporting.
Flexible, Customizable Deployment Options – NSA Series At-A-GlanceEvery SonicWALL Network Security Appliance solutiondelivers next generation Unified Threat Management Internetprotection, utilizing a breakthrough multi-corehardware design and Reassembly-Free Deep Packet Branch OﬃceInspection for internal and external network protectionwithout compromising network performance. Each Reporting and analysisNSA Series product combines high-speed intrusionprevention, file and content inspection, and powerfulApplication Intelligence Service controls with anextensive array of advanced networking and flexibleconfiguration features. The NSA Series offers an Fixedaccessible, affordable platform that is easy to deploy NSA Series Telecommuterand manage in a wide variety of corporate, branchoffice and distributed network environments.n The SonicWALL NSA 4500 is ideal for corporate central-site and large distributed environments requiring high throughput capacity and performancen The SonicWALL NSA 3500 is ideal for corporate, SonicPoint-N GMS Server VoIP Corporate Desktop Corporate Desktop Corporate Desktop Corporate Desktop Servers branch office and distributed environments needing Centralized Marketing VLAN Finance VLAN significant throughput capacity and performance Management Wireless Laptops Corporate Headquarters/Branch Oﬃcen The SonicWALL NSA 2400 is ideal for small- to medium-sized corporate and branch office Server Enforced Client VPN SSL VPN Global Content Filtering Gateway Anti-Virus, Anti-Virus and Anti-Virus Remote VPN Service Anti-Spyware, Intrusion environments concerned about throughput capacity Anti-Spyware Servers Anti-Threat and Anti-Spyware Client PCs Anti- Access Upgrade Client Web Site Prevention and Application and Content Firewall Protection Threat Protection and performance Usage Control Perimeter and Network Protectionn The SonicWALL NSA 240 is ideal for small- to medium- sized businesses and branch office sitesSecurity Services and Upgrades Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention Dynamic Support Services are available 8x5 or 24x7 depending Service and Application Intelligence Service delivers on customer needs. Features include world-class technical intelligent, real-time network security protection against support, crucial firmware updates and upgrades, access to sophisticated application layer and content-based attacks extensive electronic tools and timely hardware replacement including viruses, spyware, worms, Trojans and software to help organizations get the greatest return on theirvulnerabilities such as buffer overflows. Application Intelligence Service SonicWALL investment.delivers a suite of configurable tools designed to prevent data leakage while Global VPN Client Upgrades utilize a software client that isproviding granular application-level controls. installed on Windows-based computers and increase workforce Enforced Client and Server Anti-Virus and Anti-Spyware productivity by providing secure access to email, files, intranets, delivers comprehensive virus and spyware protection for laptops, and applications for remote users. Upgrade licenses are desktops and servers using a single integrated client and offers available in a variety of user counts allowing this solution to automated network-wide enforcement of anti-virus and scale as the organization grows. anti-spyware policies, definitions and software updates. SSL VPN Remote Access Upgrades provide clientless remote Content Filtering Service enforces protection and productivity network level access for PC, Mac and Linux-based systems. With policies by employing an innovative rating architecture, utilizing integrated SSL VPN technology, SonicWALL UTM appliances a dynamic database to block up to 56 categories of objectionable enable seamless and secure remote access to email, files, Web content. intranets, and applications from a variety of client platforms via NetExtender, a lightweight client that is pushed onto the user’s machine. NetExtender is installed and configured automatically, requiring no user ViewPoint Reporting delivers easy-to-use, Web-based capabilities interaction. that provide administrators with instant comprehensive insight into network performance and security. Delivered through a SonicWALL Comprehensive Anti-Spam Service blocks spam series of historical reports using dashboards and detailed phishing and virus-laden emails at the gateway. There is no need summaries, ViewPoint helps organizations of all sizes track to redirect an MX Record or send email to another vendor, withInternet usage, fulfill regulatory compliance requirements and monitor the one click the service is activated and immediately starts blockingsecurity status of their network. junk email and saving valuable network bandwidth. SonicWALL® Virtual Assist is a remote support tool that enables a technician to assume control of a PC or laptop for the purpose of providing remote technical assistance. With permission, the technician can gain instant access to a computer using a Web browser, making it easy to diagnose and fix a problem remotelywithout the need for a pre-installed “fat” client.