SlideShare a Scribd company logo

Ds nsa series_4500

Yustinus Malawau
Yustinus Malawau
1 of 4
Download to read offline
The SonicWALL Network Security Appliance Series FI R E WALL Unified Threat Management Firewall Organizations of all sizes depend on their networks to access internal and external mission-critical applications. As advances in networking continue to provide tremendous benefit to organizations, they are increasingly challenged by sophisticated and financially-motivated attacks designed to n Unified Threat disrupt communication, degrade performance and compromise data. Malicious attacks penetrate Management outdated stateful packet inspection firewalls with advanced application layer exploits. Point products n Scalable multi-core add layers of security, but are costly, difficult to manage, limited in controlling network misuse and hardware and ineffective against the latest multipronged attacks. Reassembly-Free Deep Packet Inspection The SonicWALL® Network Security Appliance (NSA) Series of Unified Threat Management (UTM) Firewalls, utilizing a unique multi-core design and patented Reassembly-Free Deep Packet n Application intelligence, Inspection™ (RFDPI) technology*, offers complete protection without compromising network control and visualization performance. The NSA Series overcomes the limitations of existing security solutions by scanning n Stateful high availability the entirety of each packet for current internal and external threats in real-time. and load balancing The NSA Series applies UTM protection against a comprehensive array of attacks, combining n High performance and intrusion prevention, anti-virus and, anti-spyware, anti-spam and content filtering with application lowered TCO intelligence, control and visualization. With advanced routing, stateful high-availability and n Advanced routing services high-speed IPSec and SSL VPN technology, the NSA Series adds security, reliability, functionality and networking features and productivity to branch offices, central sites and distributed mid-enterprise networks, while n Standards-based Voice over minimizing cost and complexity. IP (VoIP) Comprised of the SonicWALL NSA 240, NSA 2400, NSA 3500 and NSA 4500, the NSA Series offers a n Secure distributed wireless scalable range of solutions designed to meet the network security needs of any organization. LAN services n Onboard Quality of Service Features and Benefits (QoS) Unified Threat Management integrates intrusion Advanced routing services and networking features prevention, gateway anti-virus, anti-spyware, application incorporate 802.1q VLANs, Multi-WAN failover, zone and intelligence and control, content filtering and anti-spam to object-based management, load balancing, advanced NAT block malware and spam, and offer granular application modes, and more, providing granular configuration control and prevent data leakage. flexibility and comprehensive protection at the Scalable multi-core hardware and Reassembly-Free administrator’s discretion. Deep Packet Inspection scans and eliminates threats of Standards-based Voice over IP (VoIP) capabilities unlimited file sizes, with near-zero latency across provide the highest levels of security for every element of thousands of connections at wire speed. the VoIP infrastructure, from communications equipment Application intelligence, control and visualization to VoIP-ready devices such as SIP Proxies, H.323 provides granular control and real-time visualization of Gatekeepers and Call Servers. applications to guarantee bandwidth prioritization and Secure distributed wireless LAN services enable the ensure maximum network security and productivity. appliance to function as a wireless switch and controller Stateful high availability and load balancing features that automatically detects and configures SonicPoint maximize total network bandwidth and maintain seamless wireless access points network uptime, delivering uninterrupted access to Onboard Quality of Service (QoS) features use industry mission-critical resources, and ensuring that VPN tunnels standard 802.1p and Differentiated Services Code Points and other network traffic will not be interrupted in the (DSCP) Class of Service (CoS) designators to provide event of a failover. powerful and flexible bandwidth management that is vital High performance and lowered TCO are achieved by for VoIP, multimedia content and business-critical using the processing power of multiple cores in unison to applications. dramatically increase throughput and provide simultaneous inspection capabilities, while lowering power consumption. * U.S. Patent 7,310,815–A method and apparatus for data stream analysis and blocking.
Dynamic Security Architecture and Management SonicWALL Deep Packet Inspection Architecture Eliminated Threats & Non-business Traffic SonicWALL Real-time Automatic Threat Application Intelligence Intrusion Prevention 3 1 Gateway Anti-Virus Database Updates Unified Threat Content Filtering Anti-Spyware Clean VPN Management Clean Traffic Firewall Emerging Blended Threats Forwarding Viruses Engine Network I/O Engine Routing Spyware Traffic Traffic PROT Bandwidth L4 L2 L7 L3 IN Management Bandwidth OUT Exploits Management Defrag Stateful Classification and Transformation Normal Flow Order Presentation 2 Update Engine Best-in-Class Threat Protection 1 SonicWALL deep packet inspection protects against This functionality allows threats to be identified and network risks such as viruses, worms, Trojans, spyware, eliminated over unlimited file sizes and unrestricted phishing attacks, emerging threats and Internet misuse. concurrent connections, without interruption. Application intelligence and control adds highly- 3 The SonicWALL NSA Series provides dynamic configurable controls to prevent data leakage and network protection through continuous, automated manage bandwidth at the application level. security updates, protecting against emerging and 2 The SonicWALL Reassembly-Free Deep Packet evolving threats, without requiring any administrator Inspection (RFDPI) technology utilizes SonicWALL’s intervention. multi-core architecture to scan packets in real-time without stalling traffic in memory. Application Intelligence and Control SonicWALL Application Intelligence and Control provides granular control and real-time visualization of applications to guarantee bandwidth prioritization and ensure maximum network security and productivity. An integrated feature of SonicWALL Next-Generation Firewalls, it uses SonicWALL Reassembly-Free Deep Packet Inspection™ technology to identify and control applications in use with easy-to-use pre-defined application categories (such as social media or gaming)—regardless of port or protocol. The SonicWALL Application Flow Monitor provides real-time graphs of applications, ingress and egress bandwidth, active Web site connections and user activity. Eliminated Threats Suppliers Internet Clean Tra c Mobile Users UTM Engine Internal Network Telecommuters SonicWALL Clean VPN The Network Security Appliance Series includes innovative SonicWALL Clean VPN™ technology which decontaminates vulnerabilities and malicious code from remote mobile users Centralized Policy Management and branch offices traffic before it enters the corporate The Network Security Appliance Series can be managed network, and without user intervention. using the SonicWALL Global Management System (GMS®), which provides flexible, powerful and intuitive tools to centrally manage configurations, view real-time monitoring metrics and integrate policy and compliance reporting.
Flexible, Customizable Deployment Options – NSA Series At-A-Glance Every SonicWALL Network Security Appliance solution delivers Unified Threat Management protection, utilizing a Internet breakthrough multi-core hardware design and Reassembly- Free Deep Packet Inspection for internal and external Branch Office network protection without compromising network performance. Each NSA Series product combines Reporting and analysis high-speed intrusion prevention, file and content inspection, and powerful application intelligence and control with an extensive array of advanced networking and flexible configuration features. The NSA Series offers an accessible, affordable platform that is easy to deploy and Fixed manage in a wide variety of corporate, branch office and NSA Series Telecommuter distributed network environments. n The SonicWALL NSA 4500 is ideal for corporate central-site and large distributed environments requiring high throughput capacity and performance n The SonicWALL NSA 3500 is ideal for corporate, branch office and distributed environments needing SonicPoint-N Dual-Band Series GMS Server VoIP Corporate Desktop Corporate Desktop Corporate Desktop Corporate Desktop Servers significant throughput capacity and performance Centralized Marketing VLAN Finance VLAN Management Wireless Laptops n The SonicWALL NSA 2400 is ideal for small- to Corporate Headquarters/Branch Office medium-sized corporate and branch office environments concerned about throughput capacity Server Enforced Client VPN SSL VPN Global Content Filtering Gateway Anti-Virus, Anti-Virus and Anti-Virus Remote VPN Service Anti-Spyware, Intrusion and performance Anti-Spyware Servers Anti-Threat and Anti-Spyware Client PCs Anti- Access Upgrade Client Web Site and Content Prevention, and Application Intelligence and Control Protection Threat Protection Usage Control n The SonicWALL NSA 240 is ideal for small- to medium- sized businesses and branch office sites Security Services and Upgrades Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention and Dynamic Support Services are available 8x5 or 24x7 depending Application Intelligence and Control Service delivers on customer needs. Features include world-class technical intelligent, real-time network security protection against support, crucial firmware updates and upgrades, access to sophisticated application layer and content-based attacks extensive electronic tools and timely hardware replacement including viruses, spyware, worms, Trojans and software to help organizations get the greatest return on their vulnerabilities such as buffer overflows. Application Intelligence and Control SonicWALL investment. delivers a suite of configurable tools designed to prevent data leakage while Global VPN Client Upgrades utilize a software client that is providing granular application-level controls along with tools enabling installed on Windows-based computers and increase workforce visualization of network traffic. productivity by providing secure access to email, files, intranets, Enforced Client Anti-Virus and Anti-Spyware delivers and applications for remote users. Upgrade licenses are comprehensive virus and spyware protection for laptops, available in a variety of user counts allowing this solution to desktops and servers using a single integrated client and offers scale as the organization grows. automated network-wide enforcement of anti-virus and SSL VPN Remote Access Upgrades provide clientless remote anti-spyware policies, definitions and software updates. network level access for PC, Mac and Linux-based systems. With Content Filtering Service enforces protection and productivity integrated SSL VPN technology, SonicWALL UTM appliances policies by employing an innovative rating architecture, utilizing enable seamless and secure remote access to email, files, a dynamic database to block up to 56 categories of objectionable intranets, and applications from a variety of client platforms Web content. via NetExtender, a lightweight client that is pushed onto the user’s machine. NetExtender is installed and configured automatically, requiring no user interaction. ViewPoint Reporting delivers easy-to-use, Web-based capabilities that provide administrators with instant comprehensive insight Comprehensive Anti-Spam Service (CASS) offers small- to into network performance and security. Delivered through a medium-sized businesses comprehensive protection from spam series of historical reports using dashboards and detailed and viruses, with instant deployment over existing SonicWALL summaries, ViewPoint helps organizations of all sizes track firewalls. CASS speeds deployment, eases administration and Internet usage, fulfill regulatory compliance requirements and monitor the reduces overhead by consolidating solutions, providing security status of their network. one-click anti-spam services, with advanced configuration in just ten minutes. Virtual Assist is a remote support tool that enables a technician Deep Packet Inspection for of SSL-Encrypted Traffic (DPI SSL) transparently to assume control of a PC or laptop for the purpose of providing decrypts and scans both inbound and outbound HTTPS traffic using remote technical assistance. With permission, the technician can SonicWALL RFDPI. The traffic is then re-encrypted and sent to its original gain instant access to a computer using a Web browser, making destination if no threats or vulnerabilities are discovered. it easy to diagnose and fix a problem remotely without the need for a pre-installed “fat” client.
Specifications Firewall NSA 240 NSA 2400 NSA 3500 NSA 4500 SonicOS Version SonicOS Enhanced 5.6 (or higher) Stateful Throughput1 600 Mbps 775 Mbps 1.5 Gbps 2.75 Gbps GAV Performance 2 115 Mbps 160 Mbps 350 Mbps 690 MBps Network Security Appliance 4500 IPS Performance 2 195 Mbps 275 Mbps 750 Mbps 1.4 Gbps 01-SSC-7012 UTM Performance 2 110 Mbps 150 Mbps 240 Mbps 600 Mbps IMIX Performance 2 195 Mbps 235 Mbps 580 Mbps 700 Mbps NSA 4500 TotalSecure* (1-year) Maximum Connections 3 85,000/110,000 4 225,000 325,000 500,000 01-SC-7032 Maximum DPI Connections 32,000/50,000 4 125,000 175,000 250,000 New Connections/Sec 2,000 4,000 7,000 10,000 Nodes Supported Unrestricted Denial of Service Attack Prevention 22 classes of DoS, DDoS and scanning attacks SonicPoints Supported (Maximum) 16 32 48 64 VPN NSA 240 NSA 2400 NSA 3500 NSA 4500 3DES/AES Throughput 5 150 Mbps 300 Mbps 625 Mbps 1.0 Gbps Site-to-Site VPN Tunnels 25/50 4 75 800 1,500 Network Security Appliance 3500 Bundled Global VPN Client Licenses 2 (25) 10 (250) 50 (1,000) 500 (3,000) (Maximum) 01-SSC-7016 Bundled SSL VPN Licenses (Maximum) 2 (15) 2 (25) 2 (30) 2 (30) NSA 3500 TotalSecure* (1-year) Virtual Assist Bundled (Maximum) 1 30-day trial (5) 1 (5) 2 (10) 2 (10) 01-SC-7033 Encryption/Authentication/DH Group DES, 3DES, AES (128, 192, 256-bit), MD5, SHA-1/DH Groups 1, 2, 5, 14 Key Exchange Key Exchange IKE, IKEv2, Manual Key, PKI (X.509), L2TP over IPSec Route-Based VPN Yes (OSPF, RIP) Certificate Support Verisign, Thawte, Cybertrust, RSA Keon, Entrust, and Microsoft CA for SonicWALL-to-SonicWALL VPN, SCEP Dead Peer Detection Yes DHCP Over VPN Yes IPSec NAT Traversal Yes Redundant VPN Gateway Yes Global VPN Client Platforms Supported Microsoft® Windows 2000, Windows XP, Microsoft® Vista 32/64-bit, Windows 7 32/64-bit Network Security Appliance 2400 SSL VPN Platforms Supported Microsoft® Windows 2000 / XP / Vista 32/64-bit / Windows 7, Mac 10.4+, Linux FC 3+ / Ubuntu 7+ / OpenSUSE 01-SSC-7020 Security Services NSA 240 NSA 2400 NSA 3500 NSA 4500 NSA 2400 TotalSecure* (1-year) Deep Packet Inspection Service Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention and Application Intelligence and Control 01-SC-7035 Content Filtering Service Premium Edition (CFS) HTTP URL,HTTPS IP, keyword and content scanning ActiveX, Java Applet, and cookie blocking bandwidth management on filtering categories, allow/forbid lists Enforced Client Anti-Virus and Anti-Spyware HTTP/S, SMTP, POP3, IMAP and FTP, Enforced McAfee™ Clients Email attachment blocking, Comprehensive Anti-Spam Service † Supported Application Intelligence Application bandwidth management and control, prioritize or block application and Control by signatures, control file transfers, scan for key words or phrases DPI SSL 6 Provides the ability to decrypt HTTPS traffic transparently, scan this traffic for threats using SonicWALL’s Deep Packet Inspection technology (GAV/AS/IPS/Application Intelligence/CFS),then re-encrypt the traffic and send it to its destination if no threats or vulnerabilities are found. Network Security Appliance 240 This feature works for both clients and servers. TotalSecure* (1-year) Networking NSA 240 NSA 2400 NSA 3500 NSA 4500 01-SSC-8760 IP Address Assignment Static, (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP relay NAT Modes 1:1, 1:many, many:1, many:many, flexible NAT (overlapping IPs), PAT, transparent mode VLAN Interfaces (802.1q) 10/25 4 25 50 200 Routing OSPF, RIPv1/v2, static routes, policy-based routing, Multicast QoS Bandwidth priority, maximum bandwidth, guaranteed bandwidth, DSCP marking, 802.1p IPv6 Yes Authentication XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix Internal Database/Single Sign-on Users 100/100 Users 250/250 Users 300/500 Users 1,000/1,000 Users VoIP Full H.323v1-5, SIP, gatekeeper support, outbound bandwidth management, VoIP over WLAN, deep inspection security, full interoperability with most VoIP gateway and communications devices SonicWALL PC Card to ExpressCard Adapter System NSA 240 NSA 2400 NSA 3500 NSA 4500 (for NSA 240) Zone Security Yes 01-SSC-2887 Schedules One Time, Recurring Object-based/Group-based Management Yes DDNS Yes Management and Monitoring Web GUI (HTTP, HTTPS), Command Line (SSH, Console), SNMP v2: Global management with SonicWALL GMS For more information on SonicWALL Logging and Reporting ViewPoint, Local Log, Syslog, Solera Networks, NetFlow v5/v9, IPFIX with Extensions, Real-time Visualization network security solutions, please High Availability Optional Active/Passive with State Sync4 Optional Active/Passive with State Sync Active/Passive with State Sync visit www.sonicwall.com. Load Balancing Yes, (Outgoing with percent-based, round robin and spill-over); (Incoming with round robin, random distribution, sticky IP, block remap and symmetrical remap) *Includes one-year of Gateway Anti-Virus, Standards TCP/IP, UDP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3 Anti-Spyware, Intrusion Prevention, and Wireless Standards 802.11 a/b/g/n, WPA2, WPA, TKIP, 802.1x, EAP-PEAP, EAP-TTLS Application Intelligence and Control Service, Hardware NSA 240 NSA 2400 NSA 3500 NSA 4500 Content Filtering Service, Dynamic Support Interfaces (3) GE Gigabit Ports+ (6) 10/100, 24x7 and ViewPoint Reporting. 2 USB, PC Card Slot (6) 10/100/1000 Copper Gigabit Ports, 1 Console Interface, 2 USB (Optional 3G/Analog Modem), 1 Console Interface Memory (RAM) 256 MB 512 MB 512 MB 512 MB Flash Memory 32 MB Compact Flash 512 MB Compact Flash 3G Wireless/Modem7* With 3G USB Adapter Modem Power Supply 36W External Single 180W ATX Power Supply Fans No Fan 2 Fans Power Input 10-240V, 50-60Hz 100-240Vac, 60-50Hz Max Power Consumption 15W 42W 64W 66W Total Heat Dissipation 51.1BTU 144BTU 219BTU 225BTU Certifications EAL4+, VPNC, ICSA Firewall 4.1 EAL4+, FIPS 140-2 Level 2, VPNC, ICSA Firewall 4.1 Certifications Pending FIPS 140-2 – – Form Factor 7.125 x 1.5 x 10.5 in/ 1U rack-mountable/ 1U rack-mountable/ and Dimensions 18.10 x 3.81 x 26.67 cm 17 x 10.25 x 1.75 in/ 17 x 13.25 x 1.75 in/ 43.18 x 26 x 4.44 cm 43.18 x 33.65 x 4.44 cm Weight 2.55Lb/1.16Kg 8.05 lbs/ 3.65 kg 11.30 lbs/ 5.14 kg WEEE Weight 3.15Lb/1.43Kg 8.05 lbs/ 3.65 kg 11.30 lbs/ 5.14 kg Major Regulatory FCC Class A, CES Class A, CE, C-Tick, VCCI, Compliance MIC, UL, cUL, TUV/GS, CB, NOM, RoHS, WEEE Environment 32-105° F, 0-40° C 40-105° F, 5-40° C MTBF 9.5 years 16.0 years 14.3 years 14.1 years Humidity 0-95% non-condensing 10-90% non-condensing Certifications 1 Testing Methodologies: Maximum performance based on RFC 2544 (for firewall). Actual performance may vary depending on network conditions and activated services. 2 UTM/Gateway AV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through multiple port pairs. 3 Actual maximum connection counts are lower when UTM services are enabled. 4 Only with the NSA 240 Stateful HA and Expansion Upgrade. 5 VPN throughput measured using UDP traffic at 1280 byte packet size adhering to RFC 2544. 6 Supported on the NSA 3500 and higher. 7 Not available on NSA 2400. *USB 3G card and modem are not included. See http://www.sonicwall.com/us/products/cardsupport.html for supported USB devices. † The Comprehensive Anti-Spam Service supports an unrestricted number of users but is recommended for 250 users or less. SonicWALL’s line-up of dynamic security solutions SonicWALL, Inc. 2001 Logic Drive, San Jose, CA 95124 T +1 408.745.9600 F +1 408.745.9300 NETWORK SECURE WEB AND E-MAIL BACKUP POLICY AND www.sonicwall.com SECURITY REMOTE ACCESS SECURITY AND RECOVERY MANAGEMENT ©2010 SonicWALL and the SonicWALL logo is registered trademarks of SonicWALL, Inc. Dynamic Security For The Global Network is a trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions subject to change without notice. 10/10 SW 1042

Recommended

Ds nsa series_us_10_april10
Ds nsa series_us_10_april10Ds nsa series_us_10_april10
Ds nsa series_us_10_april10Yustinus Malawau
 
Sonic wall tz series
Sonic wall tz seriesSonic wall tz series
Sonic wall tz seriesShahaji Kaitke
 
1500024 en
1500024 en1500024 en
1500024 enAlber Louis
 
Ds tz series_us_10_april10
Ds tz series_us_10_april10Ds tz series_us_10_april10
Ds tz series_us_10_april10Yustinus Malawau
 
Ds e class-nsa_e8500_us
Ds e class-nsa_e8500_usDs e class-nsa_e8500_us
Ds e class-nsa_e8500_usYustinus Malawau
 
Recomended ip telephony architecture
Recomended ip telephony architectureRecomended ip telephony architecture
Recomended ip telephony architectureFeras Ajjawi
 
Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationKaveh Khosravi
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introductionJimmy Saigon
 

Recommended

Ds nsa series_us_10_april10
Ds nsa series_us_10_april10Ds nsa series_us_10_april10
Ds nsa series_us_10_april10Yustinus Malawau
 
Sonic wall tz series
Sonic wall tz seriesSonic wall tz series
Sonic wall tz seriesShahaji Kaitke
 
1500024 en
1500024 en1500024 en
1500024 enAlber Louis
 
Ds tz series_us_10_april10
Ds tz series_us_10_april10Ds tz series_us_10_april10
Ds tz series_us_10_april10Yustinus Malawau
 
Ds e class-nsa_e8500_us
Ds e class-nsa_e8500_usDs e class-nsa_e8500_us
Ds e class-nsa_e8500_usYustinus Malawau
 
Recomended ip telephony architecture
Recomended ip telephony architectureRecomended ip telephony architecture
Recomended ip telephony architectureFeras Ajjawi
 
Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationKaveh Khosravi
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introductionJimmy Saigon
 
2012 Data Center Security
2012 Data Center Security2012 Data Center Security
2012 Data Center SecuritySzymon Dowgwillowicz-Nowicki
 
VSD Infotech
VSD InfotechVSD Infotech
VSD InfotechVSD infotech
 
Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsTom Kopko
 
Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...
Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...
Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...Underwriters Laboratories
 
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...IJCNCJournal
 
Axial What We Do
Axial What We DoAxial What We Do
Axial What We Dodmcleodglas
 
Mobile slide
Mobile slideMobile slide
Mobile slideAman singh
 
Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270BAKOTECH
 
Cr32585591
Cr32585591Cr32585591
Cr32585591IJERA Editor
 
Smau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSmau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSMAU
 
ITU Kaleidoscope 2013 Presentation
ITU Kaleidoscope 2013 PresentationITU Kaleidoscope 2013 Presentation
ITU Kaleidoscope 2013 PresentationPhil Griffin
 
Bapinger Network Security
Bapinger Network SecurityBapinger Network Security
Bapinger Network SecurityDjadja Sardjana
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Sean Xie
 
Next Generation Network: Security and Architecture
Next Generation Network: Security and ArchitectureNext Generation Network: Security and Architecture
Next Generation Network: Security and Architectureijsrd.com
 
TACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentTACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentSaikat Chaudhuri
 
Introduction - Trend Micro Deep Security
Introduction - Trend Micro Deep SecurityIntroduction - Trend Micro Deep Security
Introduction - Trend Micro Deep SecurityAndrew Wong
 
Trend Micro - 13martie2012
Trend Micro - 13martie2012Trend Micro - 13martie2012
Trend Micro - 13martie2012Agora Group
 
Trend micro real time threat management press presentation
Trend micro real time threat management press presentationTrend micro real time threat management press presentation
Trend micro real time threat management press presentationAndrew Wong
 
12 wireless ips-ss_12-17-10_a
12 wireless ips-ss_12-17-10_a12 wireless ips-ss_12-17-10_a
12 wireless ips-ss_12-17-10_aAdvantec Distribution
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Anindya Ghosh,
 
Ds e class-sra_series__us
Ds e class-sra_series__usDs e class-sra_series__us
Ds e class-sra_series__usYustinus Malawau
 
E learning a l'educació primària
E learning a l'educació primàriaE learning a l'educació primària
E learning a l'educació primàriagrupAteneu
 

More Related Content

What's hot

Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsTom Kopko
 
Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...
Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...
Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...Underwriters Laboratories
 
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...IJCNCJournal
 
Axial What We Do
Axial What We DoAxial What We Do
Axial What We Dodmcleodglas
 
Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270BAKOTECH
 
Smau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSmau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSMAU
 
ITU Kaleidoscope 2013 Presentation
ITU Kaleidoscope 2013 PresentationITU Kaleidoscope 2013 Presentation
ITU Kaleidoscope 2013 PresentationPhil Griffin
 
Bapinger Network Security
Bapinger Network SecurityBapinger Network Security
Bapinger Network SecurityDjadja Sardjana
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Sean Xie
 
Next Generation Network: Security and Architecture
Next Generation Network: Security and ArchitectureNext Generation Network: Security and Architecture
Next Generation Network: Security and Architectureijsrd.com
 
TACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentTACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentSaikat Chaudhuri
 
Introduction - Trend Micro Deep Security
Introduction - Trend Micro Deep SecurityIntroduction - Trend Micro Deep Security
Introduction - Trend Micro Deep SecurityAndrew Wong
 
Trend Micro - 13martie2012
Trend Micro - 13martie2012Trend Micro - 13martie2012
Trend Micro - 13martie2012Agora Group
 
Trend micro real time threat management press presentation
Trend micro real time threat management press presentationTrend micro real time threat management press presentation
Trend micro real time threat management press presentationAndrew Wong
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Anindya Ghosh,
 

What's hot (20)

2012 Data Center Security
2012 Data Center Security2012 Data Center Security
2012 Data Center Security
 
VSD Infotech
VSD InfotechVSD Infotech
VSD Infotech
 
Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility Solutions
 
Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...
Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...
Moving From Contactless to Wireless Technologies in Secure, Over-the-Air Tran...
 
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
 
Axial What We Do
Axial What We DoAxial What We Do
Axial What We Do
 
Mobile slide
Mobile slideMobile slide
Mobile slide
 
Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270
 
Cr32585591
Cr32585591Cr32585591
Cr32585591
 
Smau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSmau Bari 2012 Marco Soldi
Smau Bari 2012 Marco Soldi
 
ITU Kaleidoscope 2013 Presentation
ITU Kaleidoscope 2013 PresentationITU Kaleidoscope 2013 Presentation
ITU Kaleidoscope 2013 Presentation
 
Bapinger Network Security
Bapinger Network SecurityBapinger Network Security
Bapinger Network Security
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019
 
Next Generation Network: Security and Architecture
Next Generation Network: Security and ArchitectureNext Generation Network: Security and Architecture
Next Generation Network: Security and Architecture
 
TACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentTACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN Environment
 
Introduction - Trend Micro Deep Security
Introduction - Trend Micro Deep SecurityIntroduction - Trend Micro Deep Security
Introduction - Trend Micro Deep Security
 
Trend Micro - 13martie2012
Trend Micro - 13martie2012Trend Micro - 13martie2012
Trend Micro - 13martie2012
 
Trend micro real time threat management press presentation
Trend micro real time threat management press presentationTrend micro real time threat management press presentation
Trend micro real time threat management press presentation
 
12 wireless ips-ss_12-17-10_a
12 wireless ips-ss_12-17-10_a12 wireless ips-ss_12-17-10_a
12 wireless ips-ss_12-17-10_a
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
 

Viewers also liked

E learning a l'educació primària
E learning a l'educació primàriaE learning a l'educació primària
E learning a l'educació primàriagrupAteneu
 
2010 magic quadrant utm final 2
2010 magic quadrant utm final 22010 magic quadrant utm final 2
2010 magic quadrant utm final 2Yustinus Malawau
 
The beautiful things numbers can tell you about social media
The beautiful things numbers can tell you about social mediaThe beautiful things numbers can tell you about social media
The beautiful things numbers can tell you about social mediaJacki James
 
WHO laboratory manual for the examination and processing of human semen
WHO laboratory manual for the examination and processing of human semenWHO laboratory manual for the examination and processing of human semen
WHO laboratory manual for the examination and processing of human semenliuyul03
 

Viewers also liked (8)

Ds e class-sra_series__us
Ds e class-sra_series__usDs e class-sra_series__us
Ds e class-sra_series__us
 
E learning a l'educació primària
E learning a l'educació primàriaE learning a l'educació primària
E learning a l'educació primària
 
2010 magic quadrant utm final 2
2010 magic quadrant utm final 22010 magic quadrant utm final 2
2010 magic quadrant utm final 2
 
Canta - BPO
Canta - BPOCanta - BPO
Canta - BPO
 
Algebra de baldor
Algebra de baldorAlgebra de baldor
Algebra de baldor
 
The beautiful things numbers can tell you about social media
The beautiful things numbers can tell you about social mediaThe beautiful things numbers can tell you about social media
The beautiful things numbers can tell you about social media
 
WHO laboratory manual for the examination and processing of human semen
WHO laboratory manual for the examination and processing of human semenWHO laboratory manual for the examination and processing of human semen
WHO laboratory manual for the examination and processing of human semen
 
Ara tt
Ara ttAra tt
Ara tt
 

Similar to Ds nsa series_4500

Sns en-sn160 w-datasheet-201702
Sns en-sn160 w-datasheet-201702Sns en-sn160 w-datasheet-201702
Sns en-sn160 w-datasheet-201702Balázs Antók
 
fortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeurfortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeurrezkellahhichem
 
McAffee_Security and System Integrity in Embedded Devices
McAffee_Security and System Integrity in Embedded DevicesMcAffee_Security and System Integrity in Embedded Devices
McAffee_Security and System Integrity in Embedded DevicesIşınsu Akçetin
 
Strategy Cloud and Security as a Service
Strategy Cloud and Security as a ServiceStrategy Cloud and Security as a Service
Strategy Cloud and Security as a ServiceAberla
 
Complete Security with Sophos and Softchoice
Complete Security with Sophos and SoftchoiceComplete Security with Sophos and Softchoice
Complete Security with Sophos and SoftchoiceSoftchoice Corporation
 
Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?S&T Consulting Hungary
 
Light sec for service providers brochure
Light sec for service providers brochureLight sec for service providers brochure
Light sec for service providers brochureGeorge Wainblat
 
SonicWALL - Skytek - VnPro.pptx
SonicWALL - Skytek - VnPro.pptxSonicWALL - Skytek - VnPro.pptx
SonicWALL - Skytek - VnPro.pptxssuser813dcd
 
Complete Security
Complete SecurityComplete Security
Complete SecuritySophos
 
Wapples brochure v1 4 eng
Wapples brochure v1 4 engWapples brochure v1 4 eng
Wapples brochure v1 4 enghasbro505
 
Sonic wall crui presentazione per sito crui
Sonic wall crui presentazione per sito cruiSonic wall crui presentazione per sito crui
Sonic wall crui presentazione per sito cruiFondazione CRUI
 
Paetec Security Solutions
Paetec Security SolutionsPaetec Security Solutions
Paetec Security SolutionsDavid Santos
 
Paetec security solutions brochure
Paetec security solutions brochurePaetec security solutions brochure
Paetec security solutions brochureDavid Santos
 
SECURE YOUR NETWORK FROM THE INSIDE OUT
SECURE YOUR NETWORK FROM THE INSIDE OUTSECURE YOUR NETWORK FROM THE INSIDE OUT
SECURE YOUR NETWORK FROM THE INSIDE OUTLen Moncrieffe
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 

Similar to Ds nsa series_4500 (20)

Sonic Wall Product Line Brochure
Sonic Wall Product Line BrochureSonic Wall Product Line Brochure
Sonic Wall Product Line Brochure
 
Sns en-sn160 w-datasheet-201702
Sns en-sn160 w-datasheet-201702Sns en-sn160 w-datasheet-201702
Sns en-sn160 w-datasheet-201702
 
fortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeurfortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeur
 
McAffee_Security and System Integrity in Embedded Devices
McAffee_Security and System Integrity in Embedded DevicesMcAffee_Security and System Integrity in Embedded Devices
McAffee_Security and System Integrity in Embedded Devices
 
FortiGate_600E(2).pdf
FortiGate_600E(2).pdfFortiGate_600E(2).pdf
FortiGate_600E(2).pdf
 
Strategy Cloud and Security as a Service
Strategy Cloud and Security as a ServiceStrategy Cloud and Security as a Service
Strategy Cloud and Security as a Service
 
NGFW Brochure 08 08
NGFW Brochure 08 08NGFW Brochure 08 08
NGFW Brochure 08 08
 
Complete Security with Sophos and Softchoice
Complete Security with Sophos and SoftchoiceComplete Security with Sophos and Softchoice
Complete Security with Sophos and Softchoice
 
Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?
 
Light sec for service providers brochure
Light sec for service providers brochureLight sec for service providers brochure
Light sec for service providers brochure
 
SonicWALL - Skytek - VnPro.pptx
SonicWALL - Skytek - VnPro.pptxSonicWALL - Skytek - VnPro.pptx
SonicWALL - Skytek - VnPro.pptx
 
Complete Security
Complete SecurityComplete Security
Complete Security
 
Wapples brochure v1 4 eng
Wapples brochure v1 4 engWapples brochure v1 4 eng
Wapples brochure v1 4 eng
 
Sonic wall crui presentazione per sito crui
Sonic wall crui presentazione per sito cruiSonic wall crui presentazione per sito crui
Sonic wall crui presentazione per sito crui
 
Ixia/Net Optics - Visibility Architecture Solution Brief
Ixia/Net Optics - Visibility Architecture Solution BriefIxia/Net Optics - Visibility Architecture Solution Brief
Ixia/Net Optics - Visibility Architecture Solution Brief
 
Paetec Security Solutions
Paetec Security SolutionsPaetec Security Solutions
Paetec Security Solutions
 
Paetec security solutions brochure
Paetec security solutions brochurePaetec security solutions brochure
Paetec security solutions brochure
 
SECURE YOUR NETWORK FROM THE INSIDE OUT
SECURE YOUR NETWORK FROM THE INSIDE OUTSECURE YOUR NETWORK FROM THE INSIDE OUT
SECURE YOUR NETWORK FROM THE INSIDE OUT
 
Fortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesFortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-series
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 

Ds nsa series_4500

  • 1. The SonicWALL Network Security Appliance Series FI R E WALL Unified Threat Management Firewall Organizations of all sizes depend on their networks to access internal and external mission-critical applications. As advances in networking continue to provide tremendous benefit to organizations, they are increasingly challenged by sophisticated and financially-motivated attacks designed to n Unified Threat disrupt communication, degrade performance and compromise data. Malicious attacks penetrate Management outdated stateful packet inspection firewalls with advanced application layer exploits. Point products n Scalable multi-core add layers of security, but are costly, difficult to manage, limited in controlling network misuse and hardware and ineffective against the latest multipronged attacks. Reassembly-Free Deep Packet Inspection The SonicWALL® Network Security Appliance (NSA) Series of Unified Threat Management (UTM) Firewalls, utilizing a unique multi-core design and patented Reassembly-Free Deep Packet n Application intelligence, Inspection™ (RFDPI) technology*, offers complete protection without compromising network control and visualization performance. The NSA Series overcomes the limitations of existing security solutions by scanning n Stateful high availability the entirety of each packet for current internal and external threats in real-time. and load balancing The NSA Series applies UTM protection against a comprehensive array of attacks, combining n High performance and intrusion prevention, anti-virus and, anti-spyware, anti-spam and content filtering with application lowered TCO intelligence, control and visualization. With advanced routing, stateful high-availability and n Advanced routing services high-speed IPSec and SSL VPN technology, the NSA Series adds security, reliability, functionality and networking features and productivity to branch offices, central sites and distributed mid-enterprise networks, while n Standards-based Voice over minimizing cost and complexity. IP (VoIP) Comprised of the SonicWALL NSA 240, NSA 2400, NSA 3500 and NSA 4500, the NSA Series offers a n Secure distributed wireless scalable range of solutions designed to meet the network security needs of any organization. LAN services n Onboard Quality of Service Features and Benefits (QoS) Unified Threat Management integrates intrusion Advanced routing services and networking features prevention, gateway anti-virus, anti-spyware, application incorporate 802.1q VLANs, Multi-WAN failover, zone and intelligence and control, content filtering and anti-spam to object-based management, load balancing, advanced NAT block malware and spam, and offer granular application modes, and more, providing granular configuration control and prevent data leakage. flexibility and comprehensive protection at the Scalable multi-core hardware and Reassembly-Free administrator’s discretion. Deep Packet Inspection scans and eliminates threats of Standards-based Voice over IP (VoIP) capabilities unlimited file sizes, with near-zero latency across provide the highest levels of security for every element of thousands of connections at wire speed. the VoIP infrastructure, from communications equipment Application intelligence, control and visualization to VoIP-ready devices such as SIP Proxies, H.323 provides granular control and real-time visualization of Gatekeepers and Call Servers. applications to guarantee bandwidth prioritization and Secure distributed wireless LAN services enable the ensure maximum network security and productivity. appliance to function as a wireless switch and controller Stateful high availability and load balancing features that automatically detects and configures SonicPoint maximize total network bandwidth and maintain seamless wireless access points network uptime, delivering uninterrupted access to Onboard Quality of Service (QoS) features use industry mission-critical resources, and ensuring that VPN tunnels standard 802.1p and Differentiated Services Code Points and other network traffic will not be interrupted in the (DSCP) Class of Service (CoS) designators to provide event of a failover. powerful and flexible bandwidth management that is vital High performance and lowered TCO are achieved by for VoIP, multimedia content and business-critical using the processing power of multiple cores in unison to applications. dramatically increase throughput and provide simultaneous inspection capabilities, while lowering power consumption. * U.S. Patent 7,310,815–A method and apparatus for data stream analysis and blocking.
  • 2. Dynamic Security Architecture and Management SonicWALL Deep Packet Inspection Architecture Eliminated Threats & Non-business Traffic SonicWALL Real-time Automatic Threat Application Intelligence Intrusion Prevention 3 1 Gateway Anti-Virus Database Updates Unified Threat Content Filtering Anti-Spyware Clean VPN Management Clean Traffic Firewall Emerging Blended Threats Forwarding Viruses Engine Network I/O Engine Routing Spyware Traffic Traffic PROT Bandwidth L4 L2 L7 L3 IN Management Bandwidth OUT Exploits Management Defrag Stateful Classification and Transformation Normal Flow Order Presentation 2 Update Engine Best-in-Class Threat Protection 1 SonicWALL deep packet inspection protects against This functionality allows threats to be identified and network risks such as viruses, worms, Trojans, spyware, eliminated over unlimited file sizes and unrestricted phishing attacks, emerging threats and Internet misuse. concurrent connections, without interruption. Application intelligence and control adds highly- 3 The SonicWALL NSA Series provides dynamic configurable controls to prevent data leakage and network protection through continuous, automated manage bandwidth at the application level. security updates, protecting against emerging and 2 The SonicWALL Reassembly-Free Deep Packet evolving threats, without requiring any administrator Inspection (RFDPI) technology utilizes SonicWALL’s intervention. multi-core architecture to scan packets in real-time without stalling traffic in memory. Application Intelligence and Control SonicWALL Application Intelligence and Control provides granular control and real-time visualization of applications to guarantee bandwidth prioritization and ensure maximum network security and productivity. An integrated feature of SonicWALL Next-Generation Firewalls, it uses SonicWALL Reassembly-Free Deep Packet Inspection™ technology to identify and control applications in use with easy-to-use pre-defined application categories (such as social media or gaming)—regardless of port or protocol. The SonicWALL Application Flow Monitor provides real-time graphs of applications, ingress and egress bandwidth, active Web site connections and user activity. Eliminated Threats Suppliers Internet Clean Tra c Mobile Users UTM Engine Internal Network Telecommuters SonicWALL Clean VPN The Network Security Appliance Series includes innovative SonicWALL Clean VPN™ technology which decontaminates vulnerabilities and malicious code from remote mobile users Centralized Policy Management and branch offices traffic before it enters the corporate The Network Security Appliance Series can be managed network, and without user intervention. using the SonicWALL Global Management System (GMS®), which provides flexible, powerful and intuitive tools to centrally manage configurations, view real-time monitoring metrics and integrate policy and compliance reporting.
  • 3. Flexible, Customizable Deployment Options – NSA Series At-A-Glance Every SonicWALL Network Security Appliance solution delivers Unified Threat Management protection, utilizing a Internet breakthrough multi-core hardware design and Reassembly- Free Deep Packet Inspection for internal and external Branch Office network protection without compromising network performance. Each NSA Series product combines Reporting and analysis high-speed intrusion prevention, file and content inspection, and powerful application intelligence and control with an extensive array of advanced networking and flexible configuration features. The NSA Series offers an accessible, affordable platform that is easy to deploy and Fixed manage in a wide variety of corporate, branch office and NSA Series Telecommuter distributed network environments. n The SonicWALL NSA 4500 is ideal for corporate central-site and large distributed environments requiring high throughput capacity and performance n The SonicWALL NSA 3500 is ideal for corporate, branch office and distributed environments needing SonicPoint-N Dual-Band Series GMS Server VoIP Corporate Desktop Corporate Desktop Corporate Desktop Corporate Desktop Servers significant throughput capacity and performance Centralized Marketing VLAN Finance VLAN Management Wireless Laptops n The SonicWALL NSA 2400 is ideal for small- to Corporate Headquarters/Branch Office medium-sized corporate and branch office environments concerned about throughput capacity Server Enforced Client VPN SSL VPN Global Content Filtering Gateway Anti-Virus, Anti-Virus and Anti-Virus Remote VPN Service Anti-Spyware, Intrusion and performance Anti-Spyware Servers Anti-Threat and Anti-Spyware Client PCs Anti- Access Upgrade Client Web Site and Content Prevention, and Application Intelligence and Control Protection Threat Protection Usage Control n The SonicWALL NSA 240 is ideal for small- to medium- sized businesses and branch office sites Security Services and Upgrades Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention and Dynamic Support Services are available 8x5 or 24x7 depending Application Intelligence and Control Service delivers on customer needs. Features include world-class technical intelligent, real-time network security protection against support, crucial firmware updates and upgrades, access to sophisticated application layer and content-based attacks extensive electronic tools and timely hardware replacement including viruses, spyware, worms, Trojans and software to help organizations get the greatest return on their vulnerabilities such as buffer overflows. Application Intelligence and Control SonicWALL investment. delivers a suite of configurable tools designed to prevent data leakage while Global VPN Client Upgrades utilize a software client that is providing granular application-level controls along with tools enabling installed on Windows-based computers and increase workforce visualization of network traffic. productivity by providing secure access to email, files, intranets, Enforced Client Anti-Virus and Anti-Spyware delivers and applications for remote users. Upgrade licenses are comprehensive virus and spyware protection for laptops, available in a variety of user counts allowing this solution to desktops and servers using a single integrated client and offers scale as the organization grows. automated network-wide enforcement of anti-virus and SSL VPN Remote Access Upgrades provide clientless remote anti-spyware policies, definitions and software updates. network level access for PC, Mac and Linux-based systems. With Content Filtering Service enforces protection and productivity integrated SSL VPN technology, SonicWALL UTM appliances policies by employing an innovative rating architecture, utilizing enable seamless and secure remote access to email, files, a dynamic database to block up to 56 categories of objectionable intranets, and applications from a variety of client platforms Web content. via NetExtender, a lightweight client that is pushed onto the user’s machine. NetExtender is installed and configured automatically, requiring no user interaction. ViewPoint Reporting delivers easy-to-use, Web-based capabilities that provide administrators with instant comprehensive insight Comprehensive Anti-Spam Service (CASS) offers small- to into network performance and security. Delivered through a medium-sized businesses comprehensive protection from spam series of historical reports using dashboards and detailed and viruses, with instant deployment over existing SonicWALL summaries, ViewPoint helps organizations of all sizes track firewalls. CASS speeds deployment, eases administration and Internet usage, fulfill regulatory compliance requirements and monitor the reduces overhead by consolidating solutions, providing security status of their network. one-click anti-spam services, with advanced configuration in just ten minutes. Virtual Assist is a remote support tool that enables a technician Deep Packet Inspection for of SSL-Encrypted Traffic (DPI SSL) transparently to assume control of a PC or laptop for the purpose of providing decrypts and scans both inbound and outbound HTTPS traffic using remote technical assistance. With permission, the technician can SonicWALL RFDPI. The traffic is then re-encrypted and sent to its original gain instant access to a computer using a Web browser, making destination if no threats or vulnerabilities are discovered. it easy to diagnose and fix a problem remotely without the need for a pre-installed “fat” client.
  • 4. Specifications Firewall NSA 240 NSA 2400 NSA 3500 NSA 4500 SonicOS Version SonicOS Enhanced 5.6 (or higher) Stateful Throughput1 600 Mbps 775 Mbps 1.5 Gbps 2.75 Gbps GAV Performance 2 115 Mbps 160 Mbps 350 Mbps 690 MBps Network Security Appliance 4500 IPS Performance 2 195 Mbps 275 Mbps 750 Mbps 1.4 Gbps 01-SSC-7012 UTM Performance 2 110 Mbps 150 Mbps 240 Mbps 600 Mbps IMIX Performance 2 195 Mbps 235 Mbps 580 Mbps 700 Mbps NSA 4500 TotalSecure* (1-year) Maximum Connections 3 85,000/110,000 4 225,000 325,000 500,000 01-SC-7032 Maximum DPI Connections 32,000/50,000 4 125,000 175,000 250,000 New Connections/Sec 2,000 4,000 7,000 10,000 Nodes Supported Unrestricted Denial of Service Attack Prevention 22 classes of DoS, DDoS and scanning attacks SonicPoints Supported (Maximum) 16 32 48 64 VPN NSA 240 NSA 2400 NSA 3500 NSA 4500 3DES/AES Throughput 5 150 Mbps 300 Mbps 625 Mbps 1.0 Gbps Site-to-Site VPN Tunnels 25/50 4 75 800 1,500 Network Security Appliance 3500 Bundled Global VPN Client Licenses 2 (25) 10 (250) 50 (1,000) 500 (3,000) (Maximum) 01-SSC-7016 Bundled SSL VPN Licenses (Maximum) 2 (15) 2 (25) 2 (30) 2 (30) NSA 3500 TotalSecure* (1-year) Virtual Assist Bundled (Maximum) 1 30-day trial (5) 1 (5) 2 (10) 2 (10) 01-SC-7033 Encryption/Authentication/DH Group DES, 3DES, AES (128, 192, 256-bit), MD5, SHA-1/DH Groups 1, 2, 5, 14 Key Exchange Key Exchange IKE, IKEv2, Manual Key, PKI (X.509), L2TP over IPSec Route-Based VPN Yes (OSPF, RIP) Certificate Support Verisign, Thawte, Cybertrust, RSA Keon, Entrust, and Microsoft CA for SonicWALL-to-SonicWALL VPN, SCEP Dead Peer Detection Yes DHCP Over VPN Yes IPSec NAT Traversal Yes Redundant VPN Gateway Yes Global VPN Client Platforms Supported Microsoft® Windows 2000, Windows XP, Microsoft® Vista 32/64-bit, Windows 7 32/64-bit Network Security Appliance 2400 SSL VPN Platforms Supported Microsoft® Windows 2000 / XP / Vista 32/64-bit / Windows 7, Mac 10.4+, Linux FC 3+ / Ubuntu 7+ / OpenSUSE 01-SSC-7020 Security Services NSA 240 NSA 2400 NSA 3500 NSA 4500 NSA 2400 TotalSecure* (1-year) Deep Packet Inspection Service Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention and Application Intelligence and Control 01-SC-7035 Content Filtering Service Premium Edition (CFS) HTTP URL,HTTPS IP, keyword and content scanning ActiveX, Java Applet, and cookie blocking bandwidth management on filtering categories, allow/forbid lists Enforced Client Anti-Virus and Anti-Spyware HTTP/S, SMTP, POP3, IMAP and FTP, Enforced McAfee™ Clients Email attachment blocking, Comprehensive Anti-Spam Service † Supported Application Intelligence Application bandwidth management and control, prioritize or block application and Control by signatures, control file transfers, scan for key words or phrases DPI SSL 6 Provides the ability to decrypt HTTPS traffic transparently, scan this traffic for threats using SonicWALL’s Deep Packet Inspection technology (GAV/AS/IPS/Application Intelligence/CFS),then re-encrypt the traffic and send it to its destination if no threats or vulnerabilities are found. Network Security Appliance 240 This feature works for both clients and servers. TotalSecure* (1-year) Networking NSA 240 NSA 2400 NSA 3500 NSA 4500 01-SSC-8760 IP Address Assignment Static, (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP relay NAT Modes 1:1, 1:many, many:1, many:many, flexible NAT (overlapping IPs), PAT, transparent mode VLAN Interfaces (802.1q) 10/25 4 25 50 200 Routing OSPF, RIPv1/v2, static routes, policy-based routing, Multicast QoS Bandwidth priority, maximum bandwidth, guaranteed bandwidth, DSCP marking, 802.1p IPv6 Yes Authentication XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix Internal Database/Single Sign-on Users 100/100 Users 250/250 Users 300/500 Users 1,000/1,000 Users VoIP Full H.323v1-5, SIP, gatekeeper support, outbound bandwidth management, VoIP over WLAN, deep inspection security, full interoperability with most VoIP gateway and communications devices SonicWALL PC Card to ExpressCard Adapter System NSA 240 NSA 2400 NSA 3500 NSA 4500 (for NSA 240) Zone Security Yes 01-SSC-2887 Schedules One Time, Recurring Object-based/Group-based Management Yes DDNS Yes Management and Monitoring Web GUI (HTTP, HTTPS), Command Line (SSH, Console), SNMP v2: Global management with SonicWALL GMS For more information on SonicWALL Logging and Reporting ViewPoint, Local Log, Syslog, Solera Networks, NetFlow v5/v9, IPFIX with Extensions, Real-time Visualization network security solutions, please High Availability Optional Active/Passive with State Sync4 Optional Active/Passive with State Sync Active/Passive with State Sync visit www.sonicwall.com. Load Balancing Yes, (Outgoing with percent-based, round robin and spill-over); (Incoming with round robin, random distribution, sticky IP, block remap and symmetrical remap) *Includes one-year of Gateway Anti-Virus, Standards TCP/IP, UDP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3 Anti-Spyware, Intrusion Prevention, and Wireless Standards 802.11 a/b/g/n, WPA2, WPA, TKIP, 802.1x, EAP-PEAP, EAP-TTLS Application Intelligence and Control Service, Hardware NSA 240 NSA 2400 NSA 3500 NSA 4500 Content Filtering Service, Dynamic Support Interfaces (3) GE Gigabit Ports+ (6) 10/100, 24x7 and ViewPoint Reporting. 2 USB, PC Card Slot (6) 10/100/1000 Copper Gigabit Ports, 1 Console Interface, 2 USB (Optional 3G/Analog Modem), 1 Console Interface Memory (RAM) 256 MB 512 MB 512 MB 512 MB Flash Memory 32 MB Compact Flash 512 MB Compact Flash 3G Wireless/Modem7* With 3G USB Adapter Modem Power Supply 36W External Single 180W ATX Power Supply Fans No Fan 2 Fans Power Input 10-240V, 50-60Hz 100-240Vac, 60-50Hz Max Power Consumption 15W 42W 64W 66W Total Heat Dissipation 51.1BTU 144BTU 219BTU 225BTU Certifications EAL4+, VPNC, ICSA Firewall 4.1 EAL4+, FIPS 140-2 Level 2, VPNC, ICSA Firewall 4.1 Certifications Pending FIPS 140-2 – – Form Factor 7.125 x 1.5 x 10.5 in/ 1U rack-mountable/ 1U rack-mountable/ and Dimensions 18.10 x 3.81 x 26.67 cm 17 x 10.25 x 1.75 in/ 17 x 13.25 x 1.75 in/ 43.18 x 26 x 4.44 cm 43.18 x 33.65 x 4.44 cm Weight 2.55Lb/1.16Kg 8.05 lbs/ 3.65 kg 11.30 lbs/ 5.14 kg WEEE Weight 3.15Lb/1.43Kg 8.05 lbs/ 3.65 kg 11.30 lbs/ 5.14 kg Major Regulatory FCC Class A, CES Class A, CE, C-Tick, VCCI, Compliance MIC, UL, cUL, TUV/GS, CB, NOM, RoHS, WEEE Environment 32-105° F, 0-40° C 40-105° F, 5-40° C MTBF 9.5 years 16.0 years 14.3 years 14.1 years Humidity 0-95% non-condensing 10-90% non-condensing Certifications 1 Testing Methodologies: Maximum performance based on RFC 2544 (for firewall). Actual performance may vary depending on network conditions and activated services. 2 UTM/Gateway AV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through multiple port pairs. 3 Actual maximum connection counts are lower when UTM services are enabled. 4 Only with the NSA 240 Stateful HA and Expansion Upgrade. 5 VPN throughput measured using UDP traffic at 1280 byte packet size adhering to RFC 2544. 6 Supported on the NSA 3500 and higher. 7 Not available on NSA 2400. *USB 3G card and modem are not included. See http://www.sonicwall.com/us/products/cardsupport.html for supported USB devices. † The Comprehensive Anti-Spam Service supports an unrestricted number of users but is recommended for 250 users or less. SonicWALL’s line-up of dynamic security solutions SonicWALL, Inc. 2001 Logic Drive, San Jose, CA 95124 T +1 408.745.9600 F +1 408.745.9300 NETWORK SECURE WEB AND E-MAIL BACKUP POLICY AND www.sonicwall.com SECURITY REMOTE ACCESS SECURITY AND RECOVERY MANAGEMENT ©2010 SonicWALL and the SonicWALL logo is registered trademarks of SonicWALL, Inc. Dynamic Security For The Global Network is a trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions subject to change without notice. 10/10 SW 1042