[VENDOR HERE] VS SONICWALL
COMPETITIVE ANALYSIS
[Subtitle here]
By Jody Spoor, TME
Version [HERE] – 2017-01 [Vendor Firmware Version here]
© Copyright SonicWall
SONICWALL VS [VENDOR HERE] QUICK OVERVIEW
SonicWALL Strengths:
• Stronger portfolio including Email
Security, Remote Access and Wireless
• Wider protocol support on GAV without
file size limits and better coverage with
better SSL inspection engine
• HA without limitations
• Strong set of 3rd party validations and
certifications
[VENDOR HERE] Weaknesses:
• No external access points
• No WAN acceleration and optimization
• Limited VPN capabilities and no native iOS,
Android and Windows 10 clients
• Typical application proxy with limited protocol
support and file size limitations, no CIFS/SMB
support at all
• Limited HA
• No sandbox
     
Stronger portfolio including wireless, HA without limitations, GAV without filesize limits
AGENDA
1 [VENDOR HERE]
2 Product Lines
3 Datasheet vs Reality
4 Feature Comparison
5 3rd Party Validations
6 Combatting Claims
7 Summary
[VENDOR HERE]
[VENDOR HERE]
[VENDOR INFORMATION HERE]
About [VENDOR HERE]
[VENDOR HERE] STRENGTHS VS WEAKNESSES
Sophos Strengths:
• Really strong endpoint software and
integration (SG only, limited on XG)(1)
• Very good UI on the XG series (complete
overhaul) (2)
• Strong set of Microsoft proxies on the XG
series
• Unified policies on the XG series
[VENDOR HERE] Weaknesses:
• Three competing product lines, two of
them with no future and one of them
unfinished
• Overinflated data sheet numbers
• AV engine with limited protocol support,
CIFS protection totally reliant on endpoint
software
• File size limitations across the board
• Lack of 3rd Party Certification and
Validation
Could be a threat if OS is finished, at the moment it’s a mess!!!
(1) Improved in 16.0 but not yet complete (2) UI changed to a more conventional one in 16.0
PRODUCT LINES
[VENDOR HERE] FIREWALL PRODUCT LINES
SMB / Distributed Enterprise
Branch /Campus
Enterprise / Data Center
[VENDOR HERE] PRODUCTS
Model | MSRP Total Protect 1yr | Stateful Firewall Throughput (Mbps) | IPS Throughput, Datasheet / Normalized (Mbps) | AntiVirus Throughput, Datasheet / Normalized (Mbps)
105 | $638 | 1,500 | 350 / 105 | 90 / 27
115 | $940 | 2,300 | 500 / 150 | 130 / 36
125 | $1,280 | 3,100 | 750 / 225 | 200 / 60
135 | $1,975 | 6,000 | 1,500 / 450 | 350 / 105
210 | $3,241 | 11,000 | 2,000 / 600 | 500 / 150
230 | $4,578 | 13,000 | 3,000 / 900 | 800 / 240
310 | $6,419 | 17,000 | 5,000 / 1,500 | 1,200 / 360
330 | $8,762 | 20,000 | 6,000 / 1,800 | 1,500 / 450
430 | $13,448 | 25,000 | 7,000 / 2,100 | 2,000 / 660
450 | $18,943 | 27,000 | 8,000 / 2,400 | 2,500 / 750
550 | $27,916 | 40,000 | 12,000 / 3,600 | 3,500 / 1,050
560 | $42,608 | 60,000 | 16,000 / 4,800 | 5,000 / 1,500
COMPARABLE SONICWALL PRODUCT: SOHO, SOHO/TZ300, TZ300/TZ400, TZ400/TZ500, NSA2600/3600, NSA 3600, NSA 4600, NSA 5600, NSA 5600/6600
Normalization factor based on diverse throughput tests/reports: SNWL 0,9 SPHS 0.3
DATASHEET VS REALITY
DATASHEET VS REALITY
[VENDOR HERE] publishes only a limited set of numbers on their datasheet: Firewall, VPN, IPS and AV-proxy.
The IPS and AV throughput numbers in particular seem far from reality.
[VENDOR HERE] Datasheet: more fiction than fact
FEATURE COMPARISON
NETWORKING
NETWORKING
Sources: [VENDORADMINGUIDE]
Feature
Bridge Mode
   
Wire Mode
   
TAP Mode
   
WWAN
   
Multi WAN

Round Robin, Spill over, Ratio

Weighted Round Robin

Weighted Round Robin

Weighted Round Robin
Zone Based
   
Address Objects / Groups
 
Dedicated IP and FQDN
groups
 
Dedicated IP and FQDN
groups
NETWORKING - CONTINUED
Feature
Full Featured DHCP Server
Including DHCP Options  
IP+DNS+WINS only


IP+DNS+WINS+
HTTP Proxy Option only
DHCP Relay
   
IP Helper
IP Help / Relay non-DHCP (e.g. NetBIOS)    
MAC-IP Spoof Prevention
   
Connection Limiting 
Per Firewall Rule even
  
Connection Rate Limiting 
L2+L3 SynFlood, UDP, ICMP

L3 SynFlood, UDP, ICMP

L3 SynFlood, UDP, ICMP

L3 SynFlood, UDP, ICMP
WAN Acceleration / Optimization
   
Sources: [VENDORADMINGUIDE]
ROUTING
Feature
Policy Based Routing
Routing based on Source, Destination and Service 

Source Routing +
Destination Routing


Source Routing +
Destination Routing
Probing on Routes
Disable route if probe fails    
RIP
   
OSPF
  
No interface Passive

BGP
   
Multicast Routing (PIM-SM)
   
Dynamic Routing over VPN
   
Sources: [VENDORADMINGUIDE]
WIRELESS
WIRELESS
Feature
Desktop Models with Built in Wireless SOHO-W: a/b/g/n
TZ Series: a/b/g/n/ac
: a/b/g/n
105w+ 115w: a/b/g/n
125w+135w: a/b/g/n/ac
85w+105w+115w: a/b/g/n
125w+135w: a/b/g/n/ac
Mesh Networks
 No Access Points
 
Dynamic VLAN assignment
 No Access Points
 
Rogue AP Detection
 No Access Points
 
Rogue AP Prevention
 No Access Points
 
Wireless RF Monitoring and Analysis
 No Access Points
 
Fairnet & Wireless Multi Media (QoS)
 No Access Points
 
Sources: Sophos UTM Administration Guide 9.351, Cyberoam User Guide 10.6.3, Sophos XG Firewall Administrator Guide v15.01
VPN & REMOTE ACCESS
VPN & REMOTE ACCESS
Feature
Route Based VPN 
Policy Based Routing
  
IKEv2
 
OpenSwan 2.4.9 (2007)

StrongSWAN v4 (2010)

OpenSwan 2.4.9 (2007)
Suite B Cryptography
   -
Yes in 16.01
Vulnerable Open Source SSL VPN
 
OpenVPN

OpenVPN

OpenVPN (1)
Native Win 10 (AppStore) VPN Client
 
OpenVPN

OpenVPN

OpenVPN
Native iOS VPN Client
   
Native Android VPN Client
   
Sources: [VENDORADMINGUIDE]
AUTHENTICATION & SSO
AUTHENTICATION & SSO
Feature
Active Directory / LDAP
   
Radius 
Support for AD/LDAP
Group lookup

No support for Radius
Attributes / Groups

No support for Radius
Attributes / Groups

Uses Radius Group
Attribute
TACACS+
   
Single Sign-On (SSO) SSO Agent
Radius Accounting
NTLM
Terminal Server Agent
Radius Accounting
Thin Client Agent
NTLM
Browser Based
(NTLM/Kerberos)
Works only on standard HTTP
requests
SSO Agent
Radius Accounting
Thin Client Agent
One-Time Passwords (OTP) Built-in OTP
2FA support using Radius
2FA support using Radius
Built-in OTP
2FA support using Radius
2FA support using Radius
Guest Accounts 
Session Limits
Up and Download quotas

No Session limit
No quotas
Password / Voucher
Session Limit
Download quotas

No Session limit
No quotas
External Guest Authentication
Centralized External Guest Authentication Server    
Sources: [VENDORADMINGUIDE]
SECURITY SERVICES
SECURITY SERVICES
Feature
DNS Rebind Attack Prevention
   
Botnet Filtering
  
Requires ATP

SMTP Only
Non-SMTP requires client
Geo-IP
   
Real-Time Application Visualization
   
Application Control Policies based on
Categories, Applications and
Application sub-signatures
Both inclusions and
exclusions based on IP/Group
Policies based on
Applications
Inclusions based on Groups
Policies based on
Applications
Inclusions based on
IP/Group
Policies based on
Applications
Inclusions based on Groups
QoS on Applications
QoS per policy QoS per policy
QoS per
Category/Application
QoS per policy
Application Categories and Signatures
As per 05/18/2016
27 Application
Categories
3702 Signatures
22 Application Categories
2674 Signatures
14 Application Categories
1221 Signatures
22 Application
Categories
2674 Signatures
SECURITY SERVICES - CONTINUED
Feature
Gateway Antivirus vendor
SonicWALL Kaspersky Sophos / Avira Sophos / Avira
AV TCP Stream scanning
   
AV Protocol Support HTTP(S), FTP, IMAP,
SMTP(S), POP3, CIFS, SMB,
SMBv2, SMBv3
HTTP(S), FTP, IMAP,
SMTP(S), POP3
Requires App Proxies
HTTP(S), FTP, IMAP,
SMTP(S), POP3
Limitations when not using
App Proxies
HTTP(S), FTP, IMAP,
SMTP(S), POP3
Unlimited File Size Protection


HTTP(S) 25 MB
FTP 20 MB
Email 50 MB
?
UI allows values of
SMTP 1-999
HTTP 1-9999

HTTP(S) 250 MB
FTP 20 MB
Email 50 MB
Cloud AV
   
IPS Granular Control Enabling / Disabling /
Exceptions per
Category / Signature
Signatures need to be
applied to Policies
Policies applied to rules
Enabling / Disabling per
Category / Subcategory
NOT per signature
Signatures need to be
applied to Policies
Policies applied to rules
IPS Categories and Signatures
As per 05/18/2016
30 IPS Categories
5124 signatures
21 IPS Categories
6668 signatures
8 categories
1155 attack, 2369 warning
Default does not use signatures
>12 months
21 IPS Categories
5464 signatures
SSL DECRYPTION
Feature
SSL Inspection on non 443
   
SSL Inspection method
Streambased Proxy Proxy Proxy
Granularity Enabled globally
Inclusion&Exclusion
based on
Address&User
Object/Groups
HTTPS inspection
on/off per policy
HTTPS inspection
on/off per policy
HTTPS inspection
on/off per policy
Inclusion/Exclusion based on CFS
category    Exclusions Only
Exclusion based on Certificate CN    
Application Control and SSL inspection    
Sources: [VENDORADMINGUIDE]
SANDBOX
SANDBOX
Feature
Proprietary Sandbox
 Multi engine, one proprietary and
two OEM complimentary - Acquired via an acquisition using
an OEM. Vendor unknown
Multi Engine Sandbox
 
Cloud or Appliance
Cloud Cloud
Block until Verdict
 
Supported Protocols HTTP(S), FTP, IMAP, SMTP(S), POP3, CIFS, SMB,
SMBv2, SMBv3
HTTP(S),FTP,SMTP
Supported File Types PE & Executables & APK
PDF & MS-Office
Archives
Executables
PDF & MS-Office
Archives
Maximum Filesize Limit 10 MB, will be increased in the future Not listed
NOTE:
SONICWALL CAPTURE ADVANCED THREAT PROTECTION SERVICE
• Multi-engine sandbox detects more
threats than single sandbox technology
• Broad file type analysis and operating
system support
• Can block until verdict at the gateway
• Rapid deployment of remediation
signatures
• Reporting and alerts
Cloud service detects and blocks zero-day threats at the gateway
HIGH AVAILABILITY
HIGH AVAILABILITY
Feature SF-OS
HA on smaller appliances 
All Gen6
  
HA Backup Link
Single HA Link risks Split Brain    
HA Support in Bridge Mode
  ? 
Anti-Spam Junk Summaries / Digests
  
HA pair means two
quarantine stores

HA pair means two
quarantine stores
Upgrade of HA pair without disabling
HA    
Sources: [VENDORADMINGUIDE]
MANAGEMENT
MANAGEMENT
Feature
Full Configuration via WebUI
   
Full Configuration via Management
Software 
-
IP addressing and
routing missing

Firewall rules, Web
Filter and VPN only

Global Protection
Policies only
Simple Provisioning Only needs local
GMS settings and
WAN configuration
Full local interface
configuration
needed
Major local
configuration
needed
Almost full local
configuration
needed
Management Software local or cloud Local
Cloud in BETA
Local Local
Local and Cloud
Sophos Central only
supports XG
Reporting included in Management
Software or Separate
Included
Need separate
licensed software
Need separate
licensed software
Need separate
licensed software
Workflow and Change orders    
Cloud Locations US, Amsterdam   US, Germany,
Ireland
REPORTING
MANAGEMENT
Feature
Netflow Support 
v5 & v9

v5 only
 
v5 only
IPFIX Support
  
Missing Interface ID

Real-Time Application Visualization
  
Flow Monitor

Solera Stack Integration
   
Reporting Software One time fee per
firewall
Unlimited size
Yearly renewal
1T, 8T or Unlimited
Yearly renewal
1T, 8T or Unlimited
Yearly renewal
1T, 8T or Unlimited
3RD PARTY VALIDATION
3RD PARTY CERTIFICATIONS
Feature
NSS Labs Recommended Firewall    
ICSA Labs – Anti Virus    
ICSA Labs – Network Firewalls    
Common Criteria    
IPv6 Phase 1, IPv6 Phase 2
  
Astaro 8.0 is Phase1 certified

DoD UC APL    
FIPS 140-2    
CsfC 1H’FY18   
Azure Validated VPN Device    
FIPS 140-2
ICSA Firewall ICSA Enterprise Firewall
(IPv6, High Availability, VoIP)
IPv6 Phase 1 IPv6 Phase 2
NSS Recommended
NGFW
Approved Products List
Integrated Tracking System UCAPL
JITC Certified
CsfC (InContract)
USGv6 Testing
(IPv6)
Common Criteria EAL NDPP, EAL4+
In Progress: TFFW, IPS Protection Profiles
ICSA Antivirus
FIREWALL CERTIFICATIONS… ADDING TO THE BADGE
Azure validated
VPN Device
Certifications do matter
NSS LABS NEXT-GENERATION FIREWALL
SonicWALL > 95% Security Effective
NSS Labs, Inc. is the world's leading information security company
NGFW Security Value Map (SVM)
Product 2015 2014 2013 2012
SonicWall Y Y Y Y
Cisco N Y Y N
Sourcefire Y N/A Y N/A
PAN N N Y Y
Check Point Y Y Y Y
Fortinet Y Y Y N
WatchGuard N Y N N
Forcepoint/Stonesoft Y Y Y Y
Barracuda N N N N
Cyberoam N N N/A N/A
Juniper N N N N
Huawei Y N/A N/A N/A
Hillstone Networks Y N/A N/A N/A
ICSA LABS
ICSA labs Anti-Virus
• SonicWALL Firewalls Certified
ICSA labs Network Firewalls
• SonicWALL Firewalls Certified
ICSA labs SSL-TLS
• SonicWALL SMA Series Certified
ICSA Labs has been providing credible, independent, third-party assurance since 1989
Sources: https://www.icsalabs.com
MICROSOFT ACTIVE PROTECTIONS PROGRAM (MAPP)
Maintained by Microsoft
Not influenced by Vendors
Recognizes vendors that respond
<48h
SonicWall has never taken longer
than 48h to issue protection
Members of MAPP receive security vulnerability information from the Microsoft Security Response Center in advance of
Microsoft’s monthly security update.
MICROSOFT ACTIVE PROTECTIONS PROGRAM (MAPP)
• 2963983
• 2934088
• 2914486, NO
• 2896666
• 2887505, only after 48 hours
• 2847140
• 2794220, NO
• 2719615
• 2639658, only after 48 hours
Out of 9 (05/17/2016), SonicWALL: 9/9
Sources: https://technet.microsoft.com/en-us/security/advisorymapp.aspx
SECURITY OF THE SECURITY DEVICE
SECURITY VULNERABILITIES IN THE FIREWALL
CVE and CCE Vulnerability Database, last 3 years
Total on 19-05-2016:
SonicWALL (sonicos): 2
Sophos (UTM9): 9
Sophos (Cyberoam): 5
Checkpoint (firewalls): 13
CISCO ASA (ASA): 29
CISCO (firepower): 18
Palo Alto (pan-os): 24
Fortinet (fortios): 17
Watchguard (Fireware): 3
Juniper (junos): 34+
Sources: https://web.nvd.nist.gov/view/vuln/search (updated on 14-1-2016)
SECURITY VULNERABILITIES IN THE FIREWALL - CONTINUED
Sources: https://www.cvedetails.com/vendor/628/Sonicwall.html
COMBATTING CLAIMS
SUMMARY
[VENDOR HERE] SHORTCOMINGS - SUMMARY
• 4 Firewall lines, 3 OSs with an unclear future and limited upgrade / migration paths
• Datasheet numbers more fiction than fact, real world ~30% of datasheet numbers
• Built on out-of-date open-source code, causing lack of features
• Server protection completely reliant on reverse proxying
• AV engine with limited protocol support, CIFS protection totally reliant on endpoint software
• File size limitations across the board
• Lack of 3rd Party Certification and Validation
Confusing product lines, inflated datasheet numbers, incomplete security engine & features
      
SONICWALL’S SUPERIORITY OVER [VENDOR HERE]
• Wider protocol support on GAV without file size limits and better coverage with better SSL
inspection engine
• Rock solid HA without limitations
• Stronger networking, VPN and Remote Access feature set
• Strong Wireless security
• Overall a better router, firewall, wireless security and stronger security services
• Clear product lines, single OS, single management platform, more clarity overall
• Strong set of 3rd party validations and certifications
Inspect every packet without file size limits and rock solid HA without caveats
KEY FEATURE DIFFERENTIATIONS
Feature
Wire Mode
   
IP Helper
IP Help / Relay non-DHCP (e.g. NetBIOS)    
Connection Limiting
   
WAN Acceleration / Optimization
   
Dynamic Routing over VPN
   
Route Based VPN
   
IKEv2
   
Suite B Cryptography
   -
Native iOS, Android and Windows 10 apps
   
External Guest Authentication
Centralized External Guest Authentication Server    
SECURITY SERVICES DIFFERENTIATIONS
Feature
DNS Rebind Attack Prevention
   
Botnet Filtering
  
Requires ATP

SMTP Only
Non-SMTP requires client
Real-Time Application Visualization
   
AV TCP Stream scanning
   
AV Protocol Support HTTP(S), FTP, IMAP,
SMTP(S), POP3, CIFS,
SMB, SMBv2, SMBv3
HTTP(S), FTP, IMAP,
SMTP(S), POP3
Requires App Proxies
HTTP(S), FTP, IMAP,
SMTP(S), POP3
Limitations when not
using App Proxies
HTTP(S), FTP, IMAP,
SMTP(S), POP3
Unlimited File Size Protection


HTTP(S) 25 MB
FTP 20 MB
Email 50 MB
?
UI allows values of
SMTP 1-999
HTTP 1-9999

HTTP(S) 250 MB
FTP 20 MB
Email 50 MB
Cloud AV
   
SSL INSPECTION DIFFERENTIATIONS
Feature
SSL Inspection on non 443
   
SSL Inspection method
Streambased Proxy Proxy Proxy
Granularity Enabled globally
Inclusion&Exclusion
based on
Address&User
Object/Groups
HTTPS inspection
on/off per policy
HTTPS inspection
on/off per policy
HTTPS inspection
on/off per policy
Inclusion/Exclusion based on CFS
category
   Exclusions Only
Exclusion based on Certificate CN    
SSL Inspection on non 443
   
LIVE DEMOS
LIVE DEMOS
SonicWall http://livedemo.sonicwall.com entire portfolio
GO BEAT THEM
Jody Spoor, TME jspoor@sonicwall.com

More Related Content

What's hot

Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA Firepower
Anwesh Dixit
 
FortiGate-200B
FortiGate-200BFortiGate-200B
Presentación - Cisco ASA with FirePOWER Services
Presentación -  Cisco ASA with FirePOWER ServicesPresentación -  Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
Oscar Romano
 
Palo alto networks NAT flow logic
Palo alto networks NAT flow logicPalo alto networks NAT flow logic
Palo alto networks NAT flow logic
Alberto Rivai
 
Presentation asa 5585-x next generation multi-service adaptive security app...
Presentation   asa 5585-x next generation multi-service adaptive security app...Presentation   asa 5585-x next generation multi-service adaptive security app...
Presentation asa 5585-x next generation multi-service adaptive security app...
xKinAnx
 
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation Firewall
Cisco Canada
 
Secure collab on prem hikmat
Secure collab on prem   hikmatSecure collab on prem   hikmat
Secure collab on prem hikmat
Cisco Canada
 
Web Security Deployment
Web Security DeploymentWeb Security Deployment
Web Security Deployment
Cisco Canada
 
Inside forti os-v524-r5
Inside forti os-v524-r5Inside forti os-v524-r5
Inside forti os-v524-r5
Lan & Wan Solutions
 
Deploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CXDeploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CX
Cisco Canada
 
Aerohive BR100 Branch Router
Aerohive BR100 Branch RouterAerohive BR100 Branch Router
Aerohive BR100 Branch Router
Aerohive Networks
 
Fortinet, держи марку!
Fortinet, держи марку!Fortinet, держи марку!
Fortinet, держи марку!
Компания УЦСБ
 
Fortinet FortiOS 5 Presentation
Fortinet FortiOS 5 PresentationFortinet FortiOS 5 Presentation
Fortinet FortiOS 5 PresentationNCS Computech Ltd.
 
Fortinet Ürün Ailesi
Fortinet Ürün AilesiFortinet Ürün Ailesi
Fortinet Ürün Ailesi
Güney Bilişim
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud  Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Ajeet Singh
 
Application Visibility and Experience through Flexible Netflow
Application Visibility and Experience through Flexible NetflowApplication Visibility and Experience through Flexible Netflow
Application Visibility and Experience through Flexible Netflow
Cisco DevNet
 
ClearPass design scenarios that solve the toughest security policy requirements
ClearPass design scenarios that solve the toughest security policy requirementsClearPass design scenarios that solve the toughest security policy requirements
ClearPass design scenarios that solve the toughest security policy requirements
Aruba, a Hewlett Packard Enterprise company
 
Cisco asa cx firwewall
Cisco asa cx firwewallCisco asa cx firwewall
Cisco asa cx firwewallAnwesh Dixit
 

What's hot (20)

Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA Firepower
 
Brkcrt 1160 c3-rev2
Brkcrt 1160 c3-rev2Brkcrt 1160 c3-rev2
Brkcrt 1160 c3-rev2
 
FortiGate-200B
FortiGate-200BFortiGate-200B
FortiGate-200B
 
Presentación - Cisco ASA with FirePOWER Services
Presentación -  Cisco ASA with FirePOWER ServicesPresentación -  Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
 
Palo alto networks NAT flow logic
Palo alto networks NAT flow logicPalo alto networks NAT flow logic
Palo alto networks NAT flow logic
 
Presentation asa 5585-x next generation multi-service adaptive security app...
Presentation   asa 5585-x next generation multi-service adaptive security app...Presentation   asa 5585-x next generation multi-service adaptive security app...
Presentation asa 5585-x next generation multi-service adaptive security app...
 
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation Firewall
 
Secure collab on prem hikmat
Secure collab on prem   hikmatSecure collab on prem   hikmat
Secure collab on prem hikmat
 
Forti cloud
Forti cloudForti cloud
Forti cloud
 
Web Security Deployment
Web Security DeploymentWeb Security Deployment
Web Security Deployment
 
Inside forti os-v524-r5
Inside forti os-v524-r5Inside forti os-v524-r5
Inside forti os-v524-r5
 
Deploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CXDeploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CX
 
Aerohive BR100 Branch Router
Aerohive BR100 Branch RouterAerohive BR100 Branch Router
Aerohive BR100 Branch Router
 
Fortinet, держи марку!
Fortinet, держи марку!Fortinet, держи марку!
Fortinet, держи марку!
 
Fortinet FortiOS 5 Presentation
Fortinet FortiOS 5 PresentationFortinet FortiOS 5 Presentation
Fortinet FortiOS 5 Presentation
 
Fortinet Ürün Ailesi
Fortinet Ürün AilesiFortinet Ürün Ailesi
Fortinet Ürün Ailesi
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud  Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
 
Application Visibility and Experience through Flexible Netflow
Application Visibility and Experience through Flexible NetflowApplication Visibility and Experience through Flexible Netflow
Application Visibility and Experience through Flexible Netflow
 
ClearPass design scenarios that solve the toughest security policy requirements
ClearPass design scenarios that solve the toughest security policy requirementsClearPass design scenarios that solve the toughest security policy requirements
ClearPass design scenarios that solve the toughest security policy requirements
 
Cisco asa cx firwewall
Cisco asa cx firwewallCisco asa cx firwewall
Cisco asa cx firwewall
 

Viewers also liked

CV_AJIT_KULKARNI - crd
CV_AJIT_KULKARNI - crdCV_AJIT_KULKARNI - crd
CV_AJIT_KULKARNI - crdAjit Kulkarni
 
Presentatie 4 takt at maxim shakhov
Presentatie 4 takt at maxim shakhovPresentatie 4 takt at maxim shakhov
Presentatie 4 takt at maxim shakhov
Maxim Shakhov
 
Catalogo DE CELULARES
Catalogo DE CELULARES Catalogo DE CELULARES
Catalogo DE CELULARES
Jhordy Espinoza Medina
 
Adros Prezentācija_atlase
Adros Prezentācija_atlaseAdros Prezentācija_atlase
Adros Prezentācija_atlaseAleksej Saveljev
 
Mapa mental
Mapa mentalMapa mental
Mapa mental
sulibeth74
 
Jeffrey.brown.resume.doc
Jeffrey.brown.resume.docJeffrey.brown.resume.doc
Jeffrey.brown.resume.doc
Jeff Brown
 
ОРЗ
ОРЗОРЗ
ОРЗ
k_alex94
 
Brochure - Post & Parcel Asia Pacific 2016
Brochure - Post & Parcel Asia Pacific 2016Brochure - Post & Parcel Asia Pacific 2016
Brochure - Post & Parcel Asia Pacific 2016Sarah Leonard
 
TimTul - eina de comunicació
TimTul - eina de comunicacióTimTul - eina de comunicació
TimTul - eina de comunicació
Alejandro Rodríguez-Acosta Docio
 
media panning IZZE final
media panning IZZE finalmedia panning IZZE final
media panning IZZE finalHannah Corcoran
 
Inormation Literacy Paper
Inormation Literacy PaperInormation Literacy Paper
Inormation Literacy Paper
Seneca Washburn
 
Final T^3 presentation
Final T^3 presentationFinal T^3 presentation
Final T^3 presentationKush Patel
 
De geschiedenis van AMG
De geschiedenis van AMGDe geschiedenis van AMG
De geschiedenis van AMG
Ayoub Aouami
 
La radio marina
La radio marinaLa radio marina
La radio marina
Aula14
 
Ryan Eagle- Get me on vine.com
Ryan Eagle- Get me on vine.comRyan Eagle- Get me on vine.com
Ryan Eagle- Get me on vine.com
ryaneaglevine
 

Viewers also liked (18)

CV_AJIT_KULKARNI - crd
CV_AJIT_KULKARNI - crdCV_AJIT_KULKARNI - crd
CV_AJIT_KULKARNI - crd
 
Presentatie 4 takt at maxim shakhov
Presentatie 4 takt at maxim shakhovPresentatie 4 takt at maxim shakhov
Presentatie 4 takt at maxim shakhov
 
Catalogo DE CELULARES
Catalogo DE CELULARES Catalogo DE CELULARES
Catalogo DE CELULARES
 
Adros Prezentācija_atlase
Adros Prezentācija_atlaseAdros Prezentācija_atlase
Adros Prezentācija_atlase
 
Mapa mental
Mapa mentalMapa mental
Mapa mental
 
Jeffrey.brown.resume.doc
Jeffrey.brown.resume.docJeffrey.brown.resume.doc
Jeffrey.brown.resume.doc
 
EMEA-DSG Lab
EMEA-DSG LabEMEA-DSG Lab
EMEA-DSG Lab
 
ОРЗ
ОРЗОРЗ
ОРЗ
 
GMU
GMUGMU
GMU
 
Brochure - Post & Parcel Asia Pacific 2016
Brochure - Post & Parcel Asia Pacific 2016Brochure - Post & Parcel Asia Pacific 2016
Brochure - Post & Parcel Asia Pacific 2016
 
TimTul - eina de comunicació
TimTul - eina de comunicacióTimTul - eina de comunicació
TimTul - eina de comunicació
 
media panning IZZE final
media panning IZZE finalmedia panning IZZE final
media panning IZZE final
 
Inormation Literacy Paper
Inormation Literacy PaperInormation Literacy Paper
Inormation Literacy Paper
 
Final T^3 presentation
Final T^3 presentationFinal T^3 presentation
Final T^3 presentation
 
De geschiedenis van AMG
De geschiedenis van AMGDe geschiedenis van AMG
De geschiedenis van AMG
 
La radio marina
La radio marinaLa radio marina
La radio marina
 
Ryan Eagle- Get me on vine.com
Ryan Eagle- Get me on vine.comRyan Eagle- Get me on vine.com
Ryan Eagle- Get me on vine.com
 
My Presentatian
My PresentatianMy Presentatian
My Presentatian
 


Blank - Competitive Analysis - MASTER

  • 1. [VENDOR HERE] VS SONICWALL COMPETITIVE ANALYSIS [Subtitle here] By Jody Spoor, TME Version [HERE] – 2017-01 [Vendor Firmware Version here]
  • 2. © Copyright SonicWall SONICWALL VS [VENDOR HERE] QUICK OVERVIEW SonicWALL Strengths: • Stronger portfolio including Email Security, Remote Access and Wireless • Wider protocol support on GAV without file size limits and better coverage with better SSL inspection engine • HA without limitations • Strong set of 3rd party validations and certifications [VENDOR HERE] Weaknesses: • No external access points • No WAN acceleration and optimization • Limited VPN capabilities and no native iOS, Android and Windows 10 clients • Typical application proxy with limited protocol support and file size limitations, no CIFS/SMB support at all • Limited HA • No sandbox. Stronger portfolio including wireless, HA without limitations, GAV without file size limits
  • 3. © Copyright SonicWall AGENDA 1 [VENDOR HERE] 2 Product Lines 3 Datasheet vs Reality 4 Feature Comparison 5 3rd Party Validations 6 Combatting Claims 7 Summary
  • 5. © Copyright SonicWall [VENDOR HERE] [VENDOR INFORMATION HERE] About [VENDOR HERE]
  • 6. © Copyright SonicWall [VENDOR HERE] STRENGTHS VS WEAKNESSES Sophos Strengths: • Really strong endpoint software and integration (SG only, limited on XG) (1) • Very good UI on the XG series (complete overhaul) (2) • Strong set of Microsoft proxies on the XG series • Unified policies on the XG series [VENDOR HERE] Weaknesses: • Three competing product lines, two of which have no future and one of which is unfinished • Overinflated data sheet numbers • AV engine with limited protocol support, CIFS protection totally reliant on endpoint software • File size limitations across the board • Lack of 3rd Party Certification and Validation. Could be a threat if the OS is finished; at the moment it’s a mess!!! (1) Improved in 16.0 but not yet complete (2) UI changed to a more conventional one in 16.0
  • 8. © Copyright SonicWall [VENDOR HERE] FIREWALL PRODUCT LINES SMB / Distributed Enterprise Branch / Campus Enterprise / Data Center
  • 9. © Copyright SonicWall [VENDOR HERE] PRODUCTS
    FEATURE | 105 | 115 | 125 | 135 | 210 | 230 | 310 | 330 | 430 | 450 | 550 | 560
    MSRP Total Protect 1yr | $638 | $940 | $1,280 | $1,975 | $3,241 | $4,578 | $6,419 | $8,762 | $13,448 | $18,943 | $27,916 | $42,608
    Stateful Firewall Throughput (Mbps) | 1,500 | 2,300 | 3,100 | 6,000 | 11,000 | 13,000 | 17,000 | 20,000 | 25,000 | 27,000 | 40,000 | 60,000
    IPS Throughput Datasheet / Normalized (Mbps) | 350 / 105 | 500 / 150 | 750 / 225 | 1,500 / 450 | 2,000 / 600 | 3,000 / 900 | 5,000 / 1,500 | 6,000 / 1,800 | 7,000 / 2,100 | 8,000 / 2,400 | 12,000 / 3,600 | 16,000 / 4,800
    AntiVirus Throughput Datasheet / Normalized (Mbps) | 90 / 27 | 130 / 36 | 200 / 60 | 350 / 105 | 500 / 150 | 800 / 240 | 1,200 / 360 | 1,500 / 450 | 2,000 / 660 | 2,500 / 750 | 3,500 / 1,050 | 5,000 / 1,500
    COMPARABLE SONICWALL PRODUCT: SOHO, SOHO/TZ300, TZ300/TZ400, TZ400/TZ500, NSA2600/3600, NSA 3600, NSA 4600, NSA 5600, NSA 5600/6600
    Normalization factor based on diverse throughput tests/reports: SNWL 0,9; SPHS 0.3
  • 11. © Copyright SonicWall DATASHEET VS REALITY [VENDOR HERE] publishes only a limited set of numbers on their datasheet: Firewall, VPN, IPS and AV-proxy. Especially the IPS and AV throughput numbers seem far from reality. [VENDOR HERE] Datasheet more fiction than fact
  • 14. © Copyright SonicWall NETWORKING Sources: [VENDOR ADMIN GUIDE] Feature: Bridge Mode; Wire Mode; TAP Mode; WWAN; Multi WAN: Round Robin, Spill over, Ratio | Weighted Round Robin | Weighted Round Robin | Weighted Round Robin; Zone Based; Address Objects / Groups: Dedicated IP and FQDN groups | Dedicated IP and FQDN groups
  • 15. © Copyright SonicWall NETWORKING - CONTINUED Feature: Full Featured DHCP Server Including DHCP Options: IP+DNS+WINS only | IP+DNS+WINS+ HTTP Proxy Option only; DHCP Relay; IP Helper, IP Help / Relay non-DHCP (e.g. NetBIOS); MAC-IP Spoof Prevention; Connection Limiting: Per Firewall Rule even; Connection Rate Limiting: L2+L3 SynFlood, UDP, ICMP | L3 SynFlood, UDP, ICMP | L3 SynFlood, UDP, ICMP | L3 SynFlood, UDP, ICMP; WAN Acceleration / Optimization. Sources: [VENDOR ADMIN GUIDE]
  • 16. © Copyright SonicWall ROUTING Feature: Policy Based Routing (Routing based on Source, Destination and Service): Source Routing + Destination Routing | Source Routing + Destination Routing; Probing on Routes (Disable route if probe fails); RIP; OSPF: No interface Passive; BGP; Multicast Routing (PIM-SM); Dynamic Routing over VPN. Sources: [VENDOR ADMIN GUIDE]
  • 18. © Copyright SonicWall WIRELESS Feature: Desktop Models with Built in Wireless: SOHO-W: a/b/g/n, TZ Series: a/b/g/n/ac | : a/b/g/n | 105w+115w: a/b/g/n, 125w+135w: a/b/g/n/ac | 85w+105w+115w: a/b/g/n, 125w+135w: a/b/g/n/ac; Mesh Networks: No Access Points; Dynamic VLAN assignment: No Access Points; Rogue AP Detection: No Access Points; Rogue AP Prevention: No Access Points; Wireless RF Monitoring and Analysis: No Access Points; Fairnet & Wireless Multi Media (QoS): No Access Points. Sources: Sophos UTM Administration Guide 9.351, Cyberoam User Guide 10.6.3, Sophos XG Firewall Administrator Guide v15.01
  • 19. VPN & REMOTE ACCESS
  • 20. © Copyright SonicWall VPN & REMOTE ACCESS Feature: Route Based VPN: Policy Based Routing; IKEv2: OpenSwan 2.4.9 (2007) | StrongSWAN v4 (2010) | OpenSwan 2.4.9 (2007); Suite B Cryptography: - Yes in 16.01; Vulnerable Open Source SSL VPN: OpenVPN | OpenVPN | OpenVPN (1); Native Win 10 (AppStore) VPN Client: OpenVPN | OpenVPN | OpenVPN; Native iOS VPN Client; Native Android VPN Client. Sources: [VENDOR ADMIN GUIDE]
  • 22. © Copyright SonicWall AUTHENTICATION & SSO Feature: Active Directory / LDAP; Radius: Support for AD/LDAP Group lookup | No support for Radius Attributes / Groups | No support for Radius Attributes / Groups | Uses Radius Group Attribute; TACACS+; Single Sign-On (SSO): SSO Agent Radius Accounting NTLM Terminal Server Agent Radius Accounting Thin Client Agent NTLM Browser Based (NTLM/Kerberos) Works only on standard HTTP requests SSO Agent Radius Accounting Thin Client Agent; One-Time Passwords (OTP): Built-in OTP 2FA support using Radius 2FA support using Radius Built-in OTP 2FA support using Radius 2FA support using Radius; Guest Accounts: Session Limits Up and Download quotas | No Session limit No quotas | Password / Voucher Session Limit Download quotas | No Session limit No quotas; External Guest Authentication (Centralized External Guest Authentication Server). Sources: [VENDOR ADMIN GUIDE]
  • 24. © Copyright SonicWall SECURITY SERVICES Feature: DNS Rebind Attack Prevention; Botnet Filtering: Requires ATP | SMTP Only, Non-SMTP requires client; Geo-IP; Real-Time Application Visualization; Application Control: Policies based on Categories, Applications and Application sub-signatures, Both inclusions and exclusions based on IP/Group | Policies based on Applications, Inclusions based on Groups | Policies based on Applications, Inclusions based on IP/Group | Policies based on Applications, Inclusions based on Groups; QoS on Applications: QoS per policy | QoS per policy | QoS per Category/Application | QoS per policy; Application Categories and Signatures (As per 05/18/2016): 27 Application Categories, 3702 Signatures | 22 Application Categories, 2674 Signatures | 14 Application Categories, 1221 Signatures | 22 Application Categories, 2674 Signatures
  • 25. © Copyright SonicWall SECURITY SERVICES - CONTINUED Feature: Gateway Antivirus vendor: SonicWALL | Kaspersky | Sophos / Avira | Sophos / Avira; AV TCP Stream scanning; AV Protocol Support: HTTP(S), FTP, IMAP, SMTP(S), POP3, CIFS, SMB, SMBv2, SMBv3 | HTTP(S), FTP, IMAP, SMTP(S), POP3 (Requires App Proxies) | HTTP(S), FTP, IMAP, SMTP(S), POP3 (Limitations when not using App Proxies) | HTTP(S), FTP, IMAP, SMTP(S), POP3; Unlimited File Size Protection: HTTP(S) 25 MB, FTP 20 MB, Email 50 MB | ? UI allows values of SMTP 1-999, HTTP 1-9999 | HTTP(S) 250 MB, FTP 20 MB, Email 50 MB; Cloud AV; IPS Granular Control: Enabling / Disabling / Exceptions per Category / Signature | Signatures need to be applied to Policies, Policies applied to rules | Enabling / Disabling per Category / Subcategory, NOT per signature | Signatures need to be applied to Policies, Policies applied to rules; IPS Categories and Signatures (As per 05/18/2016): 30 IPS Categories, 5124 signatures | 21 IPS Categories, 6668 signatures | 8 categories, 1155 attack, 2369 warning, Default does not use signatures >12 months | 21 IPS Categories, 5464 signatures
  • 26. © Copyright SonicWall SSL DECRYPTION Feature: SSL Inspection on non 443; SSL Inspection method: Streambased | Proxy | Proxy | Proxy; Granularity: Enabled globally, Inclusion & Exclusion based on Address & User Object/Groups | HTTPS inspection on/off per policy | HTTPS inspection on/off per policy | HTTPS inspection on/off per policy; Inclusion/Exclusion based on CFS category: Exclusions Only; Exclusion based on Certificate CN; Application Control and SSL inspection. Sources: [VENDOR ADMIN GUIDE]
  • 28. © Copyright SonicWall SANDBOX Feature: Proprietary Sandbox: Multi engine, one proprietary and two OEM complementary | - Acquired via an acquisition using an OEM. Vendor unknown; Multi Engine Sandbox; Cloud or Appliance: Cloud | Cloud; Block until Verdict; Supported Protocols: HTTP(S), FTP, IMAP, SMTP(S), POP3, CIFS, SMB, SMBv2, SMBv3 | HTTP(S), FTP, SMTP; Supported File Types: PE & Executables & APK, PDF & MS-Office, Archives | Executables, PDF & MS-Office, Archives; Maximum Filesize Limit: 10 MB, will be increased in the future | Not listed. NOTE:
  • 29. © Copyright SonicWall SONICWALL CAPTURE ADVANCED THREAT PROTECTION SERVICE • Multi-engine sandbox detects more threats than single sandbox technology • Broad file type analysis and operating system support • Can block until verdict at the gateway • Rapid deployment of remediation signatures • Reporting and alerts. Cloud service detects and blocks zero-day threats at the gateway
  • 31. © Copyright SonicWall HIGH AVAILABILITY Feature SF-OS: HA on smaller appliances: All Gen6; HA Backup Link (Single HA Link risks Split Brain); HA Support in Bridge Mode: ?; Anti-Spam Junk Summaries / Digests: HA pair means two quarantine stores | HA pair means two quarantine stores; Upgrade of HA pair without disabling HA. Sources: [VENDOR ADMIN GUIDE]
  • 33. © Copyright SonicWall MANAGEMENT Feature: Full Configuration via WebUI; Full Configuration via Management Software: - IP addressing and routing missing | Firewall rules, Web Filter and VPN only | Global Protection Policies only; Simple Provisioning: Only needs local GMS settings and WAN configuration | Full local interface configuration needed | Major local configuration needed | Almost full local configuration needed; Management Software local or cloud: Local, Cloud in BETA | Local | Local | Local and Cloud, Sophos Central only supports XG; Reporting included in Management Software or Separate: Included | Need separate licensed software | Need separate licensed software | Need separate licensed software; Workflow and Change orders; Cloud Locations: US, Amsterdam | US, Germany, Ireland
  • 35. © Copyright SonicWall MANAGEMENT Feature: Netflow Support: v5 & v9 | v5 only | v5 only; IPFIX Support: Missing Interface ID; Real-Time Application Visualization: Flow Monitor; Solera Stack Integration; Reporting Software: One time fee per firewall, Unlimited size | Yearly renewal, 1T, 8T or Unlimited | Yearly renewal, 1T, 8T or Unlimited | Yearly renewal, 1T, 8T or Unlimited
  • 37. © Copyright SonicWall 3RD PARTY CERTIFICATIONS Feature: NSS Labs Recommended Firewall; ICSA Labs – Anti Virus; ICSA Labs – Network Firewalls; Common Criteria; IPv6 Phase 1, IPv6 Phase 2: Astaro 8.0 is Phase1 certified; DoD UC APL; FIPS 140-2; CsfC 1H’FY18; Azure Validated VPN Device
  • 38. © Copyright SonicWall FIREWALL CERTIFICATIONS… ADDING TO THE BADGE: FIPS 140-2; ICSA Firewall; ICSA Enterprise Firewall (IPv6, High Availability, VoIP); IPv6 Phase 1; IPv6 Phase 2; NSS Recommended NGFW; Approved Products List Integrated Tracking System UCAPL JITC Certified; CsfC (In Contract); USGv6 Testing (IPv6); Common Criteria EAL NDPP, EAL4+ In Progress: TFFW, IPS Protection Profiles; ICSA Antivirus; Azure validated VPN Device. Certifications do matter
  • 39. © Copyright SonicWall NSS LABS NEXT-GENERATION FIREWALL SonicWALL > 95% Security Effective. NSS Labs, Inc. is the world's leading information security company
  • 40. 2014 2012 2013 2015 NGFW Security Value Map (SVM)
    Product | 2015 | 2014 | 2013 | 2012
    SonicWall | Y | Y | Y | Y
    Cisco | N | Y | Y | N
    Sourcefire | Y | N/A | Y | N/A
    PAN | N | N | Y | Y
    Check Point | Y | Y | Y | Y
    Fortinet | Y | Y | Y | N
    WatchGuard | N | Y | N | N
    Forcepoint/Stonesoft | Y | Y | Y | Y
    Barracuda | N | N | N | N
    Cyberoam | N | N | N/A | N/A
    Juniper | N | N | N | N
    Huawei | Y | N/A | N/A | N/A
    Hillstone Networks | Y | N/A | N/A | N/A
  • 41. © Copyright SonicWall ICSA LABS. ICSA Labs Anti-Virus: SonicWALL Firewalls Certified. ICSA Labs Network Firewalls: SonicWALL Firewalls Certified. ICSA Labs SSL-TLS: SonicWALL SMA Series Certified. ICSA Labs has been providing credible, independent, third-party assurance since 1989. Sources: https://www.icsalabs.com
  • 42. © Copyright SonicWall MICROSOFT ACTIVE PROTECTIONS PROGRAM (MAPP). Maintained by Microsoft. Not influenced by vendors. Recognizes vendors that respond <48h. SonicWall has never taken longer than 48h to issue protection. Members of MAPP receive security vulnerability information from the Microsoft Security Response Center in advance of Microsoft’s monthly security update.
  • 43. © Copyright SonicWall MICROSOFT ACTIVE PROTECTIONS PROGRAM (MAPP) • 2963983 • 2934088 • 2914486, NO • 2896666 • 2887505, only after 48 hours • 2847140 • 2794220, NO • 2719615 • 2639658, only after 48 hours. Out of 9 (05/17/2016), SonicWALL: 9/9. Sources: https://technet.microsoft.com/en-us/security/advisorymapp.aspx
  • 44. SECURITY OF THE SECURITY DEVICE
  • 45. © Copyright SonicWall SECURITY VULNERABILITIES IN THE FIREWALL CVE and CCE Vulnerability Database last 3 years SonicWALL (sonicos) Sophos (UTM9) Sophos (Cyberoam) Checkpoint (firewalls) CISCO ASA (ASA) CISCO (firepower) Palo alto (pan-os) Fortinet (fortios) Watchguard (Fireware) Juniper (junos) Total on 19-05-2016 2 9 5 13 29 18 24 17 3 34+ Sources: https://web.nvd.nist.gov/view/vuln/search (updated on 14-1-2016)
  • 46. © Copyright SonicWall SECURITY VULNERABILITIES IN THE FIREWALL Source: https://web.nvd.nist.gov/view/vuln/search (updated on 14-1-2015) CVE and CCE Vulnerability Database last 3 years SonicWALL (sonicos) Sophos (UTM9) Sophos (Cyberoam) Checkpoint (firewalls) CISCO ASA (ASA) CISCO (firepower) Palo alto (pan-os) Fortinet (fortios) Watchguard (Fireware) Juniper (junos) Total on 19-05-2016 2 9 5 13 29 18 24 17 3 34+
  • 47. © Copyright SonicWall SECURITY VULNERABILITIES IN THE FIREWALL - CONTINUED Sources: https://www.cvedetails.com/vendor/628/Sonicwall.html
  • 50. © Copyright SonicWall [VENDOR HERE] SHORTCOMINGS - SUMMARY • 4 Firewall lines, 3 OSs with an unclear future and limited upgrade / migration paths • Datasheet numbers more fiction than fact, real world ~30% of datasheet numbers • Built on out-of-date open source code, causing lack of features • Server protection completely reliant on reverse proxying • AV engine with limited protocol support, CIFS protection totally reliant on endpoint software • File size limitations across the board • Lack of 3rd Party Certification and Validation. Confusing product lines, inflated Datasheet numbers, incomplete security engine & features
  • 51. © Copyright SonicWall SONICWALL’S SUPERIORITY OVER [VENDOR HERE] • Wider protocol support on GAV without file size limits and better coverage with better SSL inspection engine • Rock solid HA without limitations • Stronger networking, VPN and Remote Access feature set • Strong Wireless security • Overall a better router, firewall, wireless security and stronger security services • Clear product lines, single OS, single management platform, more clarity overall • Strong set of 3rd party validations and certifications. Inspect every packet without file size limits and rock solid HA without caveats
  • 52. © Copyright SonicWall KEY FEATURE DIFFERENTIATIONS Feature: Wire Mode; IP Helper, IP Help / Relay non-DHCP (e.g. NetBIOS); Connection Limiting; WAN Acceleration / Optimization; Dynamic Routing over VPN; Route Based VPN; IKEv2; Suite B Cryptography: -; Native iOS, Android and Win 10 apps; External Guest Authentication (Centralized External Guest Authentication Server)
  • 53. © Copyright SonicWall SECURITY SERVICES DIFFERENTIATIONS Feature: DNS Rebind Attack Prevention; Botnet Filtering: Requires ATP | SMTP Only, Non-SMTP requires client; Real-Time Application Visualization; AV TCP Stream scanning; AV Protocol Support: HTTP(S), FTP, IMAP, SMTP(S), POP3, CIFS, SMB, SMBv2, SMBv3 | HTTP(S), FTP, IMAP, SMTP(S), POP3 (Requires App Proxies) | HTTP(S), FTP, IMAP, SMTP(S), POP3 (Limitations when not using App Proxies) | HTTP(S), FTP, IMAP, SMTP(S), POP3; Unlimited File Size Protection: HTTP(S) 25 MB, FTP 20 MB, Email 50 MB | ? UI allows values of SMTP 1-999, HTTP 1-9999 | HTTP(S) 250 MB, FTP 20 MB, Email 50 MB; Cloud AV
  • 54. © Copyright SonicWall SSL INSPECTION DIFFERENTIATIONS Feature: SSL Inspection on non 443; SSL Inspection method: Streambased | Proxy | Proxy | Proxy; Granularity: Enabled globally, Inclusion & Exclusion based on Address & User Object/Groups | HTTPS inspection on/off per policy | HTTPS inspection on/off per policy | HTTPS inspection on/off per policy; Inclusion/Exclusion based on CFS category: Exclusions Only; Exclusion based on Certificate CN; SSL Inspection on non 443
  • 56. © Copyright SonicWall LIVE DEMOS SonicWall http://livedemo.sonicwall.com entire portfolio
  • 57. GO BEAT THEM Jody Spoor, TME jspoor@sonicwall.com

Editor's Notes

  1. To protect customers against the increasing dangers of unknown, zero-day threats, Dell SonicWALL Capture Advanced Threat Protection (ATP) Service is a cloud-based service for Dell SonicWALL next-generation firewalls that detects and can block unknown threats at the gateway until verdict. SonicWALL Capture is the only advanced threat protection offering that includes multi-layer sandbox technologies that use both system emulation and virtualization techniques to detect more threats than single sandbox solutions which are compute environment specific and susceptible to evasion. The solution scans traffic and extracts suspicious code for analysis and unlike other gateway solutions, analyzes a broad range of files. The Dell SonicWALL GRID threat intelligence infrastructure rapidly deploys remediation signatures for newly identified threats to all Dell SonicWALL network security appliances preventing further infiltration of the identified malware threat. Customers benefit from high security effectiveness, fast response times, and reduced total cost of ownership.
  2. https://www.sophos.com/en-us/support/knowledgebase/123174.aspx
  3. https://www.plixer.com/blog/netflow/astaro-ipfix-reporting-astaro-netflow-support/ https://community.sophos.com/products/unified-threat-management/f/53/t/10887
  4. Common Criteria - https://www.commoncriteriaportal.org/products/ USGV6 - https://www.iol.unh.edu/registry/usgv6?company_name=Dell%20Software%20Inc.&product_type[Router]=Router FIPS 140-2 - http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm CsfC - https://www.nsa.gov/resources/everyone/csfc/components-list/ Azure Validated: https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-about-vpn-devices
  5. Common Criteria - https://www.commoncriteriaportal.org/products/ USGV6 - https://www.iol.unh.edu/registry/usgv6?company_name=Dell%20Software%20Inc.&product_type[Router]=Router FIPS 140-2 - http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm CsfC - https://www.nsa.gov/resources/everyone/csfc/components-list/ Azure Validated: https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-about-vpn-devices/
  6. Sources: https://www.icsalabs.com
  7. Sources: https://technet.microsoft.com/en-us/security/advisorymapp.aspx
  8. Sources: https://technet.microsoft.com/en-us/security/advisorymapp.aspx
  9. Source: https://web.nvd.nist.gov/view/vuln/search (updated on 14-1-2015)
  10. Source: https://web.nvd.nist.gov/view/vuln/search (updated on 14-1-2015)
  11. http://demo.cyberoam.com http://demo01.astaro.com:4445 http://accdemo.astaro.com https://demo.sophos.com/webconsole/webpages/login.jsp
  12. There is no doubt cyber-criminals are getting extremely good at their craft. This is keeping us on edge each and every day. They are able to hide malware inside common documents that we create, use and share on a daily basis. They can also disguise and encrypt their attacks using different evasive techniques to infiltrate our networks. This is part of an increasing trend that will significantly impact the state of our security, if it hasn’t already. Because encryption makes it difficult for hackers to eavesdrop on web connections and helps secure the privacy of personal information, we’re seeing considerable growth in encrypted web traffic using the SSL or TLS cryptographic protocols. The danger here is that with the increased use of encryption for internet communications and data exchange, there is a corresponding increase in the use of encryption by the bad guys to hide malware from us as well. Skilled attackers can encrypt malicious payloads as well as command and control communications to bypass defense systems and ultimately open backdoors directly into our network. Based on recent analyst reports, encrypted web traffic was estimated to be between 15% and 20% of total web traffic. In some instances, it could be as high as 70%. Here is a data point you want to remember: Gartner predicts that by 2017, more than half of the network attacks targeting larger organizations will use encrypted traffic to bypass security controls, up from less than 5% in 2013. Whether this holds up or not, these methods of attack pose greater risks and are more difficult to protect against because you can’t inspect what you can’t see.
  13. This slide shows that internet traffic can enter and leave the network encrypted. Legacy security systems cannot inspect the traffic in its encrypted state. You wouldn’t have the ability to understand what is inside that traffic. You wouldn’t know that credit cards were being stolen or that financial or health records were being exfiltrated to an external system. If you’re not currently inspecting HTTPS traffic, then you are effectively blind to nearly 2/3 of internet traffic. Any attack utilizing SSL/TLS will have a 100 percent success rate in compromising your network. So it is crucial that you have a capable SSL inspection engine that can effectively decrypt and inspect all traffic coming from or going to the client for threats. In fact, with the movement towards an all-encrypted internet, I would say it’s mandatory for all organizations.
  14. To summarize: traffic inspection capabilities can be broken down into two general categories, stateful and deep packet. A traditional firewall only performs stateful packet inspection. It still has certain value, but it must not stop there. For complete threat protection you have to build security layers on top of stateful inspection. What NGFW and deep packet inspection do is let you layer in things like intrusion prevention with threat prevention services that can provide complete anti-evasion and inbound anti-spam, anti-phishing and anti-virus protection. Adding SSL inspection and application control lets you block malware that is well hidden in encrypted traffic or prevent vulnerable web applications from sneaking malware into your networks, and other things of that nature.
  15. Security experts agree: advanced threats such as zero-day exploits and custom malware are on the rise. To better detect these unknown threats, security professionals are deploying advanced threat detection technologies, such as virtual sandboxes, that analyze the behavior of suspicious files and uncover hidden malware. However, threats are getting smarter, and malware is now being designed to detect the presence of a virtual sandbox and evade discovery, limiting the effectiveness of these threat detection technologies. In addition, threats are increasingly hidden in new ways, such as in encrypted SSL traffic, or in files and applications that run on mobile and other connected devices, and may be hidden in files of any size.
  16. To combat today’s evasive, advanced threats, a new approach is needed: specifically, threat analysis technology that malicious code can’t detect and evade. A threat analysis platform that combines multiple types of malware analysis engines, including not only virtual sandbox environments but also OS and hardware emulation sandboxing, is more effective at discovering zero-day threats than single-engine sandbox solutions that are easier for malware to detect and evade. In addition, threats are increasingly hidden in new ways, such as in encrypted SSL traffic, or in files and applications that run on mobile and other connected devices. Advanced threat detection solutions must inspect traffic, whether encrypted or unencrypted, for suspicious files, and be able to analyze malware hidden in a broad range of file types, file sizes and operating environments to best provide comprehensive zero-day threat detection. Detecting zero-day threats is critical, but detection alone is not enough. Technology that not only inspects traffic for suspicious code but also gives IT control to block suspicious code from entering the network until after it’s analyzed and a verdict is reached can prevent infection and the manual, time-consuming tasks necessary to remediate damage. And to prevent follow-on attacks, signatures for newly discovered malware must be quickly generated and automatically distributed across network security devices. For best zero-day threat protection, solutions that can dynamically add new malware analysis engines as the threat landscape evolves will be most effective at detecting today’s and tomorrow’s advanced threats and malware.
  17. To protect customers against the increasing dangers of unknown, zero-day threats, Dell SonicWALL Capture Advanced Threat Protection (ATP) Service is a cloud-based service for Dell SonicWALL next-generation firewalls that detects and can block unknown threats at the gateway until verdict. SonicWALL Capture is the only advanced threat protection offering that includes multi-layer sandbox technologies that use both system emulation and virtualization techniques to detect more threats than single sandbox solutions which are compute environment specific and susceptible to evasion. The solution scans traffic and extracts suspicious code for analysis and unlike other gateway solutions, analyzes a broad range of files. The Dell SonicWALL GRID threat intelligence infrastructure rapidly deploys remediation signatures for newly identified threats to all Dell SonicWALL network security appliances preventing further infiltration of the identified malware threat. Customers benefit from high security effectiveness, fast response times, and reduced total cost of ownership.
  18. With Dell SonicWALL Capture, you can multiply the effectiveness of your advanced threat analysis. The service revolutionizes advanced threat detection and sandboxing with a multi-engine approach to stopping unknown and zero-day attacks at the gateway, and with automated remediation. Customers benefit from high security effectiveness, fast response times and reduced total cost of ownership.
  19. …helping business owners provide all information relevant to auditors via easy-to-set-up reports. It will also help you put in place certain controls required to be compliant with various industry and government mandates. Using activity reporting, you can also eliminate the wasteful use of network resources. GMS gives IT administrators granular control over Dell SonicWALL devices. Role-based access control ensures that different people on the IT staff have different levels of access to reports and different access privileges for making device configuration changes. Inheritance rules and filters give you the tools to quickly make one change across hundreds or even thousands of devices. You’ll be able to provision and manage SonicWALL devices much more quickly. An extensive set of network alarms will ensure that you are on top of issues when they are first detected. This in turn will help you improve your response times and minimize any network downtime.
  20. http://accdemo.astaro.com/ http://demo.cyberoam.com/
  21. http://accdemo.astaro.com/ http://demo.cyberoam.com/