Beruflich Dokumente
Kultur Dokumente
Organizations of all sizes depend on their networks to access internal and external mission-critical application
Asadvancesin networkingcontinueto providetremendousbeneifts,organizationsareincreasinglychallenged
n Next-Generation by sophisticated and ifnancially-motivated attacks designed to disrupt communication, degrade performance
Firewall
and compromise data. Malicious attacks penetrate outdated stateful packet inspection ifrewalls with advance
n Scalablemulti-core application layer exploits. Point products add layers of security, but are costly, diifcult to manage, limited in
hardwareand controlling network misuse and ineffective against the latest multipronged attacks.
Reassembly-Free Deep
PacketInspection By utilizing a unique multi-core design and patented Reassembly-Free Deep Packet Inspection™ (RFDPI)
technology*, the SonicWALL® Network Security Appliance (NSA) Series of Next-Generation Firewalls offers
n Applicationintelligence, complete protection without compromising network performance. The low latency NSA Series overcomes
controland visualization the limitations of existing security solutions by scanning the entirety of each packet for current internal and
n Statefulhigh availability external threats in real-time. The NSA Series offers intrusion prevention, malware protection, and application
and load balancing intelligence, control and visualization, while delivering breakthrough performance. With advanced routing,
stateful high-availability and high-speed IPSec and SSL VPN technology, the NSA Series adds security,
n Highperformanceand reliability, functionality and productivity to branch oifces, central sites and distributed mid-enterprise
lowered TCO
networks, while minimizing cost and complexity.
n Networkproductivity
Comprised of the SonicWALL NSA 220, NSA 220 Wireless-N, NSA 250M, NSA 250M Wireless-N, NSA 2400
n Advancedroutingservices 3500 and NSA 4500, the NSA Series offers a scalable range of solutions designed to meet the network secur
and networking needs of any organization.
n Standards-based Voice over
IP (VoIP) Features and Benefits
Next-GenerationFirewallfeaturesintegrateintrusion Advancedroutingservicesand networkingfeatures
n SonicWALL
CleanWireless prevention, gateway anti-virus, anti-spyware and URL incorporate 802.1q VLANs, multi-WAN failover, zone and
ifltering with application intelligence and control, and SSL object-based management, load balancing, advanced NAT
n OnboardQualityof decryption to block threats from entering the network and modes, and more, providing granular conifguration
Service(QoS) providegranularapplicationcontrolwithout compromising lfexibility and comprehensive protection at the
performance. administrator’sdiscretion.
n Integratedmodules
support Scalablemulti-corehardwareand Reassembly-Free Standards-based Voice over IP (VoIP) capabilities
DeepPacketInspectionscans and eliminates threats of provide the highest levels of security for every element of
unlimited ifle sizes, with near-zero latency across thousands the VoIP infrastructure, from communications equipment
of connections at wire speed. to VoIP-ready devices such as SIP Proxies, H.323 Gatekeepers
and Call Servers.
Applicationintelligence,controland visualization
provides granular control and real-time visualization of SonicWALL CleanWirelessoptionally integrated into
applicationsto guaranteebandwidth prioritizationand dual-band wireless models or via SonicWALL SonicPoint
ensure maximum network security and productivity. wireless access points provides powerful and secure
802.11a/b/g/n 3x3 MIMO wireless, and enables scanning for
Statefulhigh availabilityand load balancingfeatures
maximize total network bandwidth and maintain seamless rogue wireless access points in compliance with PCI DSS.
network uptime, delivering uninterrupted access to Onboard Quality of Service (QoS) features use industry
mission-critical resources, and ensuring that VPN tunnels standard 802.1p and Differentiated Services Code Points
and other network traifc will not be interrupted in the (DSCP) Class of Service (CoS) designators to provide
event of a failover. powerful and lfexible bandwidth management that is vital
Highperformanceand loweredTCOare achieved by for VoIP, multimedia content and business-critical
using the processing power of multiple cores in unison to applications.
dramaticallyincreasethroughput and provide simultaneous Integratedmodulessupporton NSA 250M and NSA
inspection capabilities, while lowering power consumption.
250M Wireless-N appliances reduce acquisition and
Networkproductivityincreases because IT can identify maintenancecoststhrough equipment consolidation,
and throttle or block unauthorized, unproductive and and add deployment lfexibility.
non-work related applications and web sites, such as
Facebook® or YouTube®, and can optimize WAN traifc
when integrated with SonicWALL WAN Acceleration
Appliance (WXA) solutions.
Application Intelligence
SonicWALLReal-time
Intrusion Prevention
AutomaticThreat
Gateway Anti-Virus
Content Filtering
Next-Generation Database Updates 3 1
Anti-Spyware
CleanVPN
Firewall
Firewall
Clean Traffic
Emerging
Blended Threats
Forwarding
Viruses Engine
Network
I/O Engine Routing
Spyware
PROT
Traffic Traffic
L4
Bandwidth
L2
L7
L3
IN Management Bandwidth
OUT
Exploits Management
Defrag
Stateful Classification and Transformation
Normal Flow Order Presentation
2
Update Engine
Best-in-ClassThreat Protection
1 SonicWALL deep packet inspection protects against This functionality allows threats to be identified and
network risks such as viruses, worms, Trojans, spyware, eliminated over unlimited file sizes and unrestricted
phishing attacks, emerging threats and Internet misuse. concurrentconnections,without interruption.
Application intelligence and control adds highly-
3 The SonicWALL NSA Series provides dynamic
configurable controls to prevent data leakage and
network protectionthrough continuous,automated
manage bandwidth at the application level.
securityupdates,protecting againstemerging and
2 The SonicWALL Reassembly-Free Deep Packet evolvingthreats,without requiringany administrator
Inspection (RFDPI) technology utilizes SonicWALL’s intervention.
multi-core architecture to scan packets in real-time
without stallingtraffic in memory.
ApplicationIntelligenceand Control
SonicWALL Application Intelligence and Control provides
granular control and real-time visualization of applications
to guarantee bandwidth prioritization and ensure maximum
network security and productivity. An integrated feature of
SonicWALLNext-GenerationFirewalls,it usesSonicWALL
RFDPI technology to identify and control applications in use
with easy-to-usepre-definedapplicationcategories(such
as social media or gaming)—regardless of port or protocol.
SonicWALLApplication TrafficAnalyticsprovidesreal-time
and indepth historical analysis of data transmitted through
the firewall including application activities by user.
Eliminated
Threats
Suppliers
Internet
CleanTraffic
Mobile Users
Next-Generation Internal
Firewall Engine Network
Telecommuters
SonicWALL CleanVPN
The Network Security Appliance Series includes innovative
SonicWALLCleanVPN™ technology which decontaminates
vulnerabilities and malicious code from remote mobile users CentralizedPolicyManagement
and branch offices traffic before it enters the corporate The Network Security Appliance Series can be managed
network,and without userintervention. using the SonicWALL Global Management System, which
provides flexible, powerful and intuitive tools to manage
configurations, view real-time monitoring metrics and
integrate policy and compliance reporting and application
traffic analytics, all from a central location.
Flexible,CustomizableDeploymentOptions– NSASeriesAt-A-Glance
distributednetwork environments.
n The SonicWALL NSA 4500 is ideal for large distributed
and corporate central-site environments requiring high
throughput capacityand performance
n The SonicWALL NSA 3500 is ideal for distributed,branch
office and corporate environments needing significant SonicPoint-Ne
Dual-Band Series
GMS Server VoIP Corporate Desktop Corporate Desktop Corporate Desktop Corporate Desktop Servers
throughput capacityand performance Centralized Marketing VLAN FinanceVLAN
Management Wireless Laptops
n The SonicWALL NSA 2400 is ideal for branch oifce and Corporate Headquarters/Branch Office
SecurityServicesand Upgrades
1
Testing Methodologies: Maximum performance based on RFC 2544 (for firewall). Actual performance may vary depending on network conditions2 Full
and DPI
activated
Performance/Gateway
services. AV/
Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through
3
Actualmaximum
multiple port pairs.
connection counts are lower when Next-Generation Firewall services are
5
VPN
enabled.
throughput measured using UDP traffic at 1280 byte packet size adhering6 Supported
to RFC 2544.
on the NSA 3500 and higher.
7
Not available on NSA 2400. *USB 3G card and modem are not included. See http://www.sonicwall.com/us/products/cardsupport.html for supported
†
The Comprehensive
USB devices. Anti-Spam Service supports an
unrestricted number of users but is recommended for 250 users
8
With
or less.
SonicWALL WXA Series Appliance.
© 2011 SonicWALL, Inc. All rights reser ved. SonicWALL® is a registered trademark of SonicWALL, Inc. and all other SonicWALL produc t and service names and slogans are trademark s or registered trademarks of SonicWALL, Inc. O ther product and compa
mentioned herein may be trademark s and/or registered trademark s of their respective owners. 10/11 SW 1401