Dell Next Generation Firewall (Gen6) and Integrated Solution. Colin Wu / 吳炳東, Colin_Wu1@dell.com
Agenda Company Overview Dell Product Line-Up Architecture Firewall security services Add-on products Wireless WAN optimization GMS Analyzer Scrutinizer SSO Deployment Scenarios 2 Confidential
Company Overview
Dell's legacy (timeline; years shown: 1991, 1996, 2005, 2007, 2010, 2011, 2012). Became leading provider of subscription services on optimized appliances; Shipped one million appliances worldwide; Named to Visionaries Quadrant, Gartner Magic Quadrant for SSL VPN; Announced SuperMassive E10000 Series; 5/9: Joined the Dell family. Founded; Became the leader in unit share for Unified Threat Management Firewall appliances; Thoma Bravo and SonicWall entered into a partnership; Positioned as Leader in Gartner UTM Magic Quadrant; Positioned as Visionary in Gartner SSL VPN Magic Quadrant; SNWL Earns NSS Labs Recommended Rating for NGFW SVM; Shipped two million appliances worldwide
Dell Taiwan Contact Info $ relevant Jovi Chen 0911-884-831 jochen@sonicwall.com Grace Kuo 0920-407-377 grace.kuo@software.dell.com Tech relevant Colin Wu 0937-559-460 colin_wu1@dell.com Colin.Wu@software.dell.com
Dell Product Line-Up
Dell Product Line-Up Network security App Intell & Control GAV/ASW/ IPS CASS Enforced Anti-Virus Content Filtering Mobile Connect Global VPN Client SSL VPN Client Virtual Assist WAN acceleration SonicPoint-ACi / ACe / N2 Secure remote access EPC Connect Mobile Spike Access Advanced Reporting Native Access Modules Secure Virtual Assist Secure Virtual Access Secure Virtual Meeting Web App Firewall Mobile Connect Policy & management GMS Analyzer Scrutinizer
Dell Next-Gen Firewalls & Unified Threat Management firewalls SuperMassive E10000 Series Data centers, ISPs E10800 E10400 E10200 E-Class NSA Series Medium to large organizations NSA E8510 NSA E8500 NSA E6500 NSA E5500 NSA Series Branch offices and medium sized organizations NSA 4500 NSA 3500 NSA 2400 TZ Series Small and remote offices NSA 250M NSA 220 TZ 205 TZ 105 TZ 215
Dell Next-Gen Firewalls & Unified Threat Management firewalls SuperMassive E10000 Series Data centers, ISPs E10800 E10400 E9800/ 9600/9400/9200 E-Class NSA Series Medium to large organizations NSA 6600 NSA 5600 NSA Series Branch offices and medium sized organizations NSA 4600 NSA 3600 NSA 2600 TZ Series Small and remote offices TZ600 TZ300/400/500 SOHO NSA 250M NSA 220
Dell NGFW Lineup Enterprise, Data Center Dell SuperMassive Series SMB/Campus/Branch Dell TZ Series SOHO TZ300 / TZ 400 TZ500 / TZ 600 Dell NSA Series NSA220 NSA250M NSA6400 Dell New NSA Series NSA3600 NSA4600 NSA5600 NSA6600 Supermassive 9800 Supermassive 9600 SuperMassive 9400 SuperMassive 9200 SuperMassive E10800 SuperMassive E10400 SuperMassive E10200
Architecture
The design principles for high performance Scan Everything Every bit, every protocol, every user & application Security requirements Consolidated & integrated security technology solution features Multi-tiered protection technology Application Visibility - Inspection of Real-time & latency sensitive applications/traffic Re-Assembly Free DPI (RFDPI) Scalable & high performing enough to protect against perimeter and internal network challenges Multi-core high performance architecture
Highly Efficient Single-Pass RFDPI Security Engine. Proven & Proprietary Reassembly Free Deep Packet Inspection. Traditional Firewall with modules: Input Packet, Signature, Signature, Output Packet, TCP Reassembly. NGFW Integrated Architecture: Low-Latency Ultra-Scalable Single Pass Deep Packet Inspection Engine: Pattern Definition Language Interpreter, Preprocessors, Postprocessors, Deep Packet Inspection Engine (Anti-Malware, IPS, Application), Policy Decision API. Linearly Scalable on a Massively Multi-Core Architecture: 1 Core to 96 Cores
NGFW Orientation: Reassembly Free Deep Packet Inspection [diagram: packet stream scanned packet by packet, ending in DROP]
Differentiator RFDPI IPS Application Control SSL Decryption RFDPI Engine Application Visualization Threat Prevention Content & URL Filtering
Firewall security services
Firewall Security Services. Gateway Anti-Virus and Anti-Spyware: Real-time gateway anti-virus scanning and dynamic spyware protection. Intrusion Prevention: Protects against a comprehensive array of network-based threats and vulnerabilities. Intelligence, Control and Visualization: Granular control & real-time visualization of applications running on your network for maximum security & productivity. Content Filtering Service: Blocks inappropriate, illegal and dangerous Web content. Enforced Client Anti-Virus & Anti-Spyware: Automated client anti-virus and antispyware deployment and management. Comprehensive Anti-Spam Service: Stops spam, phishing & malware at the gateway. UTM SSL VPN: Secure access to resources on the corporate network for remote and mobile employees.
Gateway Anti-Virus and Anti-Spyware. File transfers, sharing: FTP, IMAP, HTTP etc.; IM & P2P; SMTP, POP3. 19,000+ anti-virus local signatures; 3,300+ antispyware local signatures; 30,732,000+ signatures available on the cloud AV database. Scans & blocks installation of malicious spyware and disrupts background communications from existing spyware programs that transmit confidential data. All protocols across every port, including SSL traffic with DPI SSL. 30M+ signatures detecting millions of pieces of malware and intelligent enough to detect new variants, providing effective zero-day protection. Unlimited: the Dell Reassembly-Free Deep Packet Inspection engine scans and analyzes all files in real time regardless of file size or compression.
Intrusion Prevention 5,000+ IPS Local signatures Scan & Block software vulnerabilities such as buffer overflows, peer-to-peer and instant messaging exploits, backdoor attacks, and other malware. Comprehensive Botnet command & control traffic detection & blocking DoS / Flood detection Protocol abuse / anomaly based detection Geographical IP monitoring & blocking Data normalization to prevent evasion SSL traffic decryption & inspection
Application Intelligence, Control and Visualization Identify 3700+application signatures By Application Not by Port & Protocol By User/Group LDAP/SSO Not by IP By Content Inspection Not by Filename Categorize By Application By Application Category By Destination By Content By User/Group Control Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts Manage network bandwidth Beyond ports & protocols
Content Filtering Service. Did You Know? To receive E-Rate funding you are required by law to install a content filtering solution in compliance with the Children's Internet Protection Act. 16M+: Website rating database used to block inappropriate and illegal content, reduces organizational liability and increases productivity. 56+: Granular level blocking based on pre-defined categories. IP-based HTTPS content filtering to control user access to web sites over encrypted HTTPS. Report & Analyze: Application traffic analytics suite; integration with Dell GMS, Analyzer & Scrutinizer provides real-time and historic analysis of data transmitted through the firewall.
Enforced Client Anti-Virus and Anti-Spyware Software Powered by McAfee Automated & Enforced deployment of Anti-virus and Anti-spyware software to endpoints using the firewall enforcement engine minimizes administrative overhead Always-on and most current Antivirus protection with no end-user intervention, improves productivity and lowers security management Ideal for Distributed Enterprises Policy & Reporting Integrated policy engine with comprehensive reporting on state of each user, historical data on past infection detections and many more.
Deep Packet Inspection SSL DPI Across other services NGFW Breaking the Typical Target Initiated Attack Cycle Extends Deep Packet inspection to SSL traffic scanning both LAN and WAN traffic for threats and vulnerabilities Across Scans for SSL traffic across other security mechanisms like URL filtering, IP & GAV Granular control Inclusion/Exclusion list to customize which traffic DPI-SSL inspection allows better management of CPU
Network Traffic Visualization Bandwidth App Traffic Breakdown Drilldown User Traffic Consumption Identify P2P Traffic Real-time Traffic Breakdown
Add-on products -Wireless -WAN optimization -GMS -Analyzer -Scrutinizer -SSO
Clean Wireless Clean Wireless Beyond encryption, provides threat detection and prevention scanning for all wireless traffic High performance AC connectivity Act as a replacement for wired connectivity, with speed and extended range Simple Deployment Centralized management and autoprovision to remove the complexity of high speed secure wireless using Firewall as a wireless controller
WAN Acceleration (WXA) Series WXA 500 Live CD WXA 2000 WXA 4000 WXA 5000 WXA 6000 Software Optimize Network Efficiency LAN-like performance over the WAN to decrease latency and chattiness leading to a better user experience WXA Features Protocol optimization Compression Byte caching/data deduplication SMB/CIFS Acceleration HTTP (Web) caching Simple Deployment Management of Security, WAN Acceleration, VPN, etc. from a single console Automatic provisioning of the WXA appliances Onboard Visualization to see acceleration benefits
Management and Reporting Centralized Management of Security Policies and Real-time Reporting of Security Events Global Management System GMS Centralized management, visualization, monitoring & alerting, analytics & reporting for Dell appliances. Global Management System Analyzer Centralized visualization, analytics & reporting for Dell security appliances. Scrutinizer Comprehensive Anti-Spam Service IP data-flow monitoring, visualization, analytics & reporting for any network appliance.
Analyzer Dell Analytics and Reporting Issues Difficulty capturing data for regulatory compliance audits. Hard to identify disruptive users. Hard to prove SLA levels. Solution Centralized console that is easy-to-use and affordable. Integrated features incl. logging, analytics, and historical reporting. Benefits Greater efficiency via a streamlined console. Accurate compliance reports via relevant data. Higher productivity via user activity reporting. Guaranteed high SLAs and security uptime.
Scrutinizer Multi-vendor IP Data Flow Analytics and Reporting. Issues: Imprecise isolation of network performance issues in complex data networks. Untraceable breaches from within a corporate data network. Non-business data traffic that misuses company resources and employee time. Solution: Uncover bottlenecks and optimize network design with a multi-vendor tool. Identify infected hosts inside the corporate network for remediation. Deliver granular reports of user, website, and application usage activity. Benefits: Lower network costs via optimized bandwidth utilization. Proactive mitigation of security threats before loss occurs. Higher productivity by managing user activity. [Overlaid slide text: Identify 5000+application signatures By Application Not by Port & Protocol By User/Group LDAP/SSO Not by IP By Content Inspection Not by Filename Categorize By Application By Application Category By Destination By Content By User/Group Control Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts Manage network bandwidth]
Global Management System (GMS) Dell Policy Management, Analytics, and Reporting Issues High cost of managing complex security networks. Difficulty capturing data for regulatory compliance audits. Hard to identify disruptive users. Cumbersome license management & renewals. Hard to prove SLA levels. Solution Centralized console to manage, monitor, and report on appliances. Integrated features incl. logging, analytics, change control, license tracking, and historical reporting. Simplified tracking of license and subscription services inventory. Benefits Greater efficiency via a streamlined console. Accurate compliance reports via relevant data. Higher productivity via user activity reporting. Greater profitability via recurring renewals. Guaranteed high SLAs and security uptime.
SSL VPN for firewalls. Clean VPN enables employees to telecommute safely by protecting and securing the integrity of both IPSec and SSL VPN access. SSL and IPSec clients on Windows, Mac, iOS and Android platforms can be used to connect and access network resources like files, applications and email. Gateway enforcement, ease of management and configuration flexibility.
Single Sign-On Overview SSO is a transparent user authentication that provides access to network resources with a single login. Access Rules User Workstation Authorized Security Services passwrd123 No need for additional authentication!
SSO Agent
Deployment Scenarios
Top Deployments 1. Traditional NAT Gateway with Security & Remote Access 2. High Availability Modes Active/Passive with State Synchronization Active/Active DPI with State Synchronization Active/Active Clustering 3. In-Line Deployments: Wire mode or Layer 2 Bridge Mode, Tap Mode Easy Network Insertion, no network re-numbering 4. Clean Wireless Deployment Firewall as a wireless controller DPI on all wireless traffic 5. CleanVPN Deployment Firewall as a VPN Concentrator DPI on all incoming VPN traffic 6. VPN Concentrator for Distributed Enterprise Global Management System (GMS) to provision and manage branch offices Connectivity through central SuperMassive or E-Class NSA firewall All security done at the central site 7. Network Segmentation (Security Zones) Network Segmentation via VLAN & Security Zones Different Security policies for each Security Zone
NGFW Wire & L2 Bridge Mode Deployment NGFW insertion into a network with an existing gateway firewall Layer 2 Bridge or Wire Mode Deployment Before After Discover application usage & threats leaking through the traditional firewall
NGFW 120G 320G Throughput Firewall Solution Architecture (Connectivity) Demo Rack
NGFW 120G 320G Throughput Firewall
Solution Architecture (walking down the disaster lane)
Clean Wireless Deployment
Dell WXA Series deployment scenario
Thank You