Achieve Deeper Network Security

Similar documents
Achieve Deeper Network Security and Application Control

Types of cyber-attacks. And how to prevent them

Next-Generation Firewalls: Critical to SMB Network Security

10 easy steps to secure your retail network

Best Practices for Secure Mobile Access

Navigating the NIST Cybersecurity Framework

How to Build a Massively Scalable Next-Generation Firewall

How to Deploy Models using Statistica SVB Nodes

How To Use Shareplex

Logging and Alerting for the Cloud

Jort Kollerie SonicWALL

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Understanding Enterprise Cloud Governance

Dell One Identity Cloud Access Manager How to Configure vworkspace Integration

Applications erode the secure network How can malware be stopped?

Mobile workforce management software solutions. Empowering the evolving workforce with an end-to-end framework

SharePlex for SQL Server

Dell One Identity Cloud Access Manager SonicWALL Integration Overview

Simplify Your Migrations and Upgrades. Part 1: Avoiding risk, downtime and long hours

Using Self Certified SSL Certificates. Paul Fisher. Quest Software. Systems Consultant. Desktop Virtualisation Group

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager

Solving the Security Puzzle

Providing Secure IT Management & Partnering Solution for Bendigo South East College

Top 10 Most Popular Reports in Enterprise Reporter

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

What to Look for When Evaluating Next-Generation Firewalls

formerly Help Desk Authority Quest Free Network Tools User Manual

The Hillstone and Trend Micro Joint Solution

Proactive Performance Management for Enterprise Databases

Dell Spotlight on Active Directory Server Health Wizard Configuration Guide

Dell InTrust Preparing for Auditing Cisco PIX Firewall

Quest vworkspace Virtual Desktop Extensions for Linux

IBM Security Intrusion Prevention Solutions

SSL Performance Problems

Cloud Security Primer MALICIOUS NETWORK COMMUNICATIONS: WHAT ARE YOU OVERLOOKING?

DevOps for the Cloud. Achieving agility throughout the application lifecycle. The business imperative of agility

Content-ID. Content-ID URLS THREATS DATA

Dell SonicWALL Portfolio

Governed Migration using Dell One Identity Manager

Dell One Identity Cloud Access Manager How to Configure for High Availability

Network Security Solution. Arktos Lam

Spotlight Management Pack for SCOM

Dell One Identity Manager Scalability and Performance

How Traditional Firewalls Fail Today s Networks And Why Next-Generation Firewalls Will Prevail

Dell One Identity Cloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0

Introduction to Version Control in

Reverse Proxy Three Myths Busted

Requirements When Considering a Next- Generation Firewall

Dell One Identity Cloud Access Manager How To Deploy Cloud Access Manager in a Virtual Private Cloud

How to Quickly Create Custom Applications in SharePoint 2010 or 2013 without Custom Code

Content-ID. Content-ID enables customers to apply policies to inspect and control content traversing the network.

Firewall Sandwich. Aleksander Kijewski Presales Engineer Dell Software Group. Dell Security Peak Performance

Dell vworkspace Supports Higher Education s Desktop Virtualization Needs

Data center and cloud management. Enabling data center modernization and IT transformation while simplifying IT management

Dell Statistica. Statistica Document Management System (SDMS) Requirements

Understanding and Configuring Password Manager for Maximum Benefits

Move Data from Oracle to Hadoop and Gain New Business Insights

Beyond the Hype: Advanced Persistent Threats

How to choose the right NGFW for your organization: Independent 3 rd Party Testing

Dell Migration Manager for Enterprise Social What Can and Cannot Be Migrated

Why protection & performance matter

Why Protection and Performance Matter

Desktop Authority vs. Group Policy Preferences

Dell InTrust Preparing for Auditing CheckPoint Firewall

WildFire. Preparing for Modern Network Attacks

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime

4.0. Offline Folder Wizard. User Guide

Identifying Problematic SQL in Sybase ASE. Abstract. Introduction

Security Analytics Engine 1.0. Help Desk User Guide

Dell NetVault Backup Plug-in for Advanced Encryption 2.2. User s Guide

Networking for Caribbean Development

A Modern Framework for Network Security in the Federal Government

Object Level Authentication

The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know

Dell Unified Communications Command Suite - Diagnostics 8.0. Data Recorder User Guide

Securing the Small Business Network. Keeping up with the changing threat landscape

FROM PRODUCT TO PLATFORM

Enterprise Reporter Report Library

Quest Collaboration Services How it Works Guide

Organized, Hybridized Network Monitoring

IBM Security X-Force Threat Intelligence

Fighting Advanced Threats

Safeguarding the cloud with IBM Dynamic Cloud Security

Transcription:

Achieve Deeper Network Security Dell Next-Generation Firewalls Abstract Next-generation firewalls (NGFWs) have taken the world by storm, revolutionizing network security as we once knew it. Yet in order to safeguard an organization from today s everevolving threats, NGFWs must be able to deliver a deeper level of network security. Not only must they ensure that every byte of every packet is inspected while maintaining the high performance and low latency that busy networks require, they must also combine high-performance SSL decryption and inspection, an intrusion prevention system (IPS) that features sophisticated anti-evasion technology and a network-based malware protection system that leverages the power of the cloud, so now organizations can block sophisticated new threats that emerge on a daily basis. Dell SonicWALL NGFWs are capable of providing organizations of any size with a without compromising network performance because they are 1 U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,361 designed using a scalable, multi-core hardware architecture and a patented1, single-pass, low latency, Reassembly-Free Deep Packet Inspection (RFDPI) engine that efficiently scans all traffic regardless of port or protocol. In addition to advanced SSL decryption and IPS capabilities, Dell NGFWs also have access to a cloud database that is updated continually with more than 13 million variants of malware, and they are easy to manage and deliver a low total cost of ownership. Introduction: The need for a deeper level of network security Rising security threats The growing use of cloud computing, mobile solutions, Bring Your Own Device (BYOD) policies and the rise of shadow IT have added new levels of risk, complexity and cost to securing an organization s data and intellectual property. Businesses of every size must now combat a wide range of increasingly sophisticated threats, including advanced

Today s organizations need an NGFW that can deliver a deeper level of network security without compromising performance. persistent threats (APTs), cybercriminal activity, spam and malware. At the same time, many organizations are also grappling with tighter budgets and don t have the resources to easily address this. The move towards next-generation firewalls To combat growing security challenges, more and more organizations are migrating from traditional firewalls that focus only on stateful packet inspection (SPI) and access control rules to nextgeneration firewalls (NGFWs). NGFWs have revolutionized network security by providing more robust protection against emerging threats. In addition to traditional firewall features, NGFWs feature a tightly integrated intrusion prevention system (IPS), real-time decryption and inspection of SSL sessions and full control and visualization of application traffic as it crosses the network. Not all next-generation firewalls are created equal Modern attacks employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual property. These attacks are often encoded using complicated algorithms to evade detection by intrusion prevention systems. Once the target has been exploited, the attacker will attempt to download and install malware onto the compromised system. In many instances, the malware used is a newly evolved variant that traditional anti-virus solutions cannot detect. Also, the advanced attack often relies on SSL encryption to hide the malware download or even to disguise command and control traffic that is sent by the attacker from halfway around the world. In addition, some organizations rely on NGFWs that compromise network performance for protection, which leads to lowered productivity or some organizations actually turning off or limiting existing security measures in order to keep up with high network performance demands. With today s new threats and threat vectors, this is an extremely risky practice. It is clear that a more advanced set of threat detection and protection capabilities is needed. Ultimately, today s organizations need an NGFW that can deliver a deeper level of network security without compromising performance and a total cost of ownership that is maximized for both large enterprises and small businesses. Dell SonicWALL NGFWs: Delivering a Dell SonicWALL NGFWs deliver a without compromising performance. Dell NGFWs feature SSL decryption and inspection that extends protection to SSL-encrypted traffic, an IPS with advanced anti-evasion technology and cloud-based malware protection that keeps abreast of the latest threats. How Dell NGFWs deliver deeper network security Byte-by-byte packet inspection Dell NGFWs are equipped with a patented, single-pass, low-latency, Reassembly- Free Deep Packet Inspection (RFDPI) engine that inspects every byte of every packet while maintaining high performance and low latency. The RFDPI engine uses a combination of complex countermeasure techniques, realtime decision methodologies and data normalization to block threats within files, attachments and compressed archives regardless of their size, and transform them as needed to perform normalized traffic analysis. Dell NGFWs scan all traffic, regardless of port or protocol, to protect the network from internal and external attacks against application vulnerabilities. Application intelligence and control capabilities are used to examine every packet and identify which applications are in use and who is using them. Dell NGFWs also maintain an application signature database to thoroughly scan, identify and compare application traffic and users. 2

SSL decryption and inspection SSL decryption and inspection is arguably the single most important feature required to provide a deeper level of network security. According to recent research (NSS Labs, 2013), as much as 35% of corporate network traffic is encrypted using SSL. This means that organizations that are not inspecting SSL traffic are effectively blind to a third of the traffic on the network. Further, attacks that utilize SSL will have a 100% success rate in this type of scenario. In order to combat these sophisticated attacks effectively, organizations need the ability to inspect all traffic on any port, regardless of whether that traffic is SSL-encrypted or not. One of the challenges, however, is that most NGFWs available today offer dismal performance when decrypting and inspecting SSL traffic. Dell SonicWALL NGFWs offer best-in-class scalability and performance for SSL decryption and inspection, as evaluated by both Network World magazine and NSS Labs. An IPS with anti-evasion capabilities Cybercriminals often try to circumvent the Intrusion Prevention System (IPS) by using complex algorithms designed to evade detection. Some network security vendor products may not perform adequate data normalization to decode threats before the IPS has a chance to examine them. This enables encoded threats to compromise corporate networks without being noticed. Dell NGFWs are equipped with a tightly integrated IPS with advanced antievasion capabilities so that advanced threats are detected and stopped before they can harm the network. Dell offers cutting-edge IPS threat protection that is capable of reverse-engineering these advanced evasion techniques. In the 2012 NSS Labs Security Value Map (SVM) for IPS, the Dell SonicWALL SuperMassive E10800 with integrated IPS earned the top recommend rating. In fact, in the 2012 NSS Labs IPS testing, Dell s NGFW had higher security effectiveness and performance than some dedicated IPS vendors. Network-based malware protection that is updated continuously Each hour of every day, hundreds of new variants of malware are developed. Although several NGFWs offer networkbased, anti-malware technology, many of these systems are limited to just a few thousand malware signatures, and many are updated as infrequently as once per day. Dell SonicWALL NGFWs access a cloud database with more than 13 million variants of malware that is updated every few minutes around the clock, so that organizations can achieve real-time protection against the latest threats. Yet Dell s RFDPI engine is capable of doing much more than pattern matching. When creating its custom firewall countermeasures, Dell NGFWs look for specific code fragments common to malware families rather than individual variants. This means that the RFDPI engine can identify the malicious code contained in new mutations to provide an additional layer of protection. In addition, Dell SonicWALL NGFWs have been independently tested and certified for network-based malware protection by ICSA Labs (ICSA Labs 2013). The security of an industry leader Dell has over 20 years of experience in the industry, and Gartner has recognized Dell as an industry leader in network security. In the NSS Labs 2013 NGFW Product Analysis Report, Dell s SuperMassive firewall scored 100 percent in anti-evasion, stability and reliability, firewall, application control and identity awareness tests. In 2012, Network World magazine reported in its article Scaling Up with SonicWALL s SuperMassive, The SuperMassive is aptly named... [it] can decrypt SSL traffic very fast in fact these one-off tests show it to be the fastest device by far. All Dell NGFW customers benefit from Dell s commitment to delivering a deeper level of security for around-the-clock protection across the entire organization. The SuperMassive is aptly named... [it] can decrypt SSL traffic very fast in fact these one-off tests show it to be the fastest device by far. Network World magazine, 2012 3

The Network Security Appliance (NSA) Series delivers a high level of security, application control and performance that administrators have come to expect. A range of next-generation firewalls for every organization Dell offers a range of next-generation firewalls to fit the needs of organizations of every size: Dell SonicWALL SuperMassive Series This series is highly scalable for large enterprise organizations that are continually adding growing numbers of users. For the second consecutive year, the SuperMassive E10800 has earned the top rating of Recommended in NSS Labs 2013 Next- Generation Firewall Security Value Map, and has achieved one of the highest security effectiveness ratings in the industry. It has also achieved scores of 100 percent for anti-evasion, stability and reliability, firewall, application control and identity awareness testing in NSS Labs 2013 NGFW Product Analysis Report. The new SuperMassive 9000 Series of firewalls ensures security effectiveness by enforcing intelligent policy decisions, which helps to ease administrative burdens. Housed in an elegant, one-rack unit appliance, SuperMassive 9000 firewalls also serve to save space and lower power and cooling costs. Dell SonicWALL NSA Series The Network Security Appliance (NSA) Series delivers a high level of security, application control and performance that administrators have come to expect. And, because the NSA Series firewalls are affordable and easy to deploy, configure and maintain, they are an ideal choice for the mid-market and SMBs. Conclusion Dell SonicWALL NGFWs provide organizations of any size with a without compromising performance because they are designed to scan all traffic regardless of port or protocol including SSL decrypted traffic; they can detect anti-evasion techniques; and they have network-based anti-malware with access to a cloud database that is continually updated, in addition to being both easy to manage and affordable. Further, Dell is recognized as an industry leader by Gartner, and the Dell SonicWALL SuperMassive E10800 next-generation firewall consistently earns the highest rating of recommended in NSS Labs NGFW Security Value Map. Organizations that adopt Dell NGFWs will benefit from their advanced protection against everevolving, persistent IT security threats. Dell NGFWs are part of Dell s overall portfolio of end-to-end Connected Security solutions, which ensure that organizations of all sizes can protect their intellectual property in an increasingly connected world. To learn more about Dell NGFWs, access http://software.dell.com/solutions/ network-security/. 4

For More Information 2013 Dell, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose without the written permission of Dell, Inc. ( Dell ). Dell, Dell Software, the Dell Software logo and products as identified in this document are registered trademarks of Dell, Inc. in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property of their respective owners. The information in this document is provided in connection with Dell products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Dell products. EXCEPT AS SET FORTH IN DELL S TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, DELL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL DELL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF DELL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Dell makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Dell does not make any commitment to update the information contained in this document. About Dell Software Dell Software helps customers unlock greater potential through the power of technology delivering scalable, affordable and simple-to-use solutions that simplify IT and mitigate risk. The Dell Software portfolio addresses five key areas of customer needs: data center and cloud management, information management, mobile workforce management, security and data protection. This software, when combined with Dell hardware and services, drives unmatched efficiency and productivity to accelerate business results. If you have any questions regarding your potential use of this material, contact: Dell Software 5 Polaris Way Aliso Viejo, CA 92656 www.dellsoftware.com Refer to our Web site for regional and international office information. 5 Whitepaper-AchieveDeeperNetworkSecurity-US-SW-2013-08-15-22758

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information