Game changing Technology für Ihre Kunden Thomas Bürgis System Engineering Manager CEE
Threats have evolved traditional firewalls & IPS have not Protection centered around ports & protocols Expensive to deploy & manage Unable to detect or block malware Unable to identify traffic by user Blind to SSL encrypted attacks Forces security to performance tradeoff
Underlying foundation of threats: Basic nature of threats is constant change Expanding complexity and reach of threats Global infrastructure Regional networks Cyber-terrorism, morphing and complex threats AI (learn) hacking XSS, SQL Injection attacks Multiple networks Individual networks Individual computers Individual computers Modem Security Firewall 101 TSRs Viruses Internet Worms Trojans DOS/ DDOS Physical again (Portable media) Espionage Financial gain Homeland security threats Delivery via Web 2.0 and social networking sites 1980 1990 2000 2013
NGFW Breaking the Typical Target Initiated Attack Cycle EXPLOIT MALWARE URL Filtering Page Visit Intrusion Prevention DPI-SSL Gateway Threat Prevention Cloud Anti-Virus
Next Generation Firewall technology 1. Stateful Packet Inspection Deep Packet Inspection 2. Intrusion Prevention The front-line network defense against application attacks 3. SSL Decryption Don t allow threats to tunnel through encrypted channels 4. Threat Prevention Anti-X (Virus/Trojan/Malware) 5. Application Control Granular control (Allow Facebook, Block Social Gaming) 6. User Identification through Single Sign On (SSO) Correlate network traffic with users 7. Application Identification & Visualization Can t control what you can t see
Cutting edge threat prevention Botnet command and control traffic detection and blocking Geographical IP monitoring and blocking Comprehensive signatures, server and client-side attacks Sophisticated anti-evasion technology Denial of Service / Flood detection and prevention SSL traffic inspection Protocol abuse / anomaly based detection Visualization and reporting
Key differentiators Reassembly-Free Deep Packet Inspection High Security Effectiveness Native ios and Android SSL VPN Client Connectivity Application Intelligence & Control
Key differentiators
Highly Efficient Single Pass RFDPI Security Engine Proven & Proprietary Reassembly Free Deep Packet Inspection Low-Latency Ultra-Scalable Single Pass Deep Packet Inspection Engine Stable Throughput vs. Buffering Proxy Engines Input Packet Signature Signature Output Packet TCP Reassembly Pattern Definition Language Interpreter Postprocessors Preprocessors Deep Packet Inspection Engine Policy Decision API Linearly Scalable on a Massively Multi-Core Architecture 1 Core 96 Cores
Introducing the SuperMassive 9000 Series 6 th Generation Technology Unrivaled Performance in its class Threat Prevention Intrusion Prevention SSL Decryption performance 10GbE and GbE Port Density Data Center Efficiency Power/Space/Cooling
Introducing the SuperMassive 9000 Series Industry leading power, space, and cooling all in an elegant 1 rack unit design. The only NGFW specifically engineered for 10Gb+ enterprise networks. The only NGFW capable of scaling to meet the high DPI performance and low latency demands of the world s largest data centers and carriers. The only NGFW vendor capable of managing thousands of firewalls around the world with real-time visualization.
Model lineup - Review SuperMassive 9600 SuperMassive 9400 9.7 Gbps IPS & Application Control 20 Gbps Firewall Throughput 5 Gbps Threat Prevention 32x1.2 Ghz, 32 GB Ram 8 Gbps IPS & Application Control 20 Gbps Firewall Throughput 4.5 Gbps Threat Prevention 32x1.2 Ghz, 16 GB Ram SuperMassive 9200 5.0 Gbps IPS & Application Control 10 Gbps Firewall Throughput 3.5 Gbps Threat Prevention 24x1.0 Ghz, 8 GB Ram
NSA 3600 NSA 4600 NSA 5600 NSA 6600
Looking at the NSA appliance front view NSA 3600, NSA 4600, NSA 5600 2xUSB 1 Console 1 SD (future use) 1 GbE Management Interface (Direct to CPU) 10 GbE SFP+ 1 GbE SFP 1 GbE 2 Ports LAN Bypass NSA 6600
The New NSA Series Rear View NSA 3600, NSA 4600, NSA 5600 Expansion Slot (future) Dual Fans Dual Hot Swappable Fans Single power supply NSA 6600
NSA performance Overview NSA 6600 NSA 5600 NSA 4600 NSA 3600 4.5 Gbps IPS & App Control 12 Gbps Firewall Throughput 3 Gbps DPI Throughput 24x1.0 GHz, 4 GB RAM 3 Gbps IPS & Application Control 9 Gbps Firewall Throughput 1.6 Gbps DPI Throughput 10x1.3 GHz, 4 GB RAM 2 Gbps IPS & Application Control 6 Gbps Firewall Throughput 800 Mbps DPI Throughput 8x1.1 GHz, 2 GB RAM 1.1 Gbps IPS & Application Control 3.4 Gbps Firewall Throughput 500 Mbps DPI Throughput 6x800 MHz, 2 GB RAM
Dell SonicWALL firewall portfolio SuperMassive Series Large enterprises, data centers, ISPs, carriers E10800 E10400 E10200 9600 9400 9200 NSA Series Branch offices and medium sized organizations NSA 6600 NSA 5600 NSA 4600 NSA 3600 NSA2400 NSA 250M/220 TZ Series Small and remote offices TZ 215 Series TZ 205 Series TZ 105 Series
NSA Series Sample Deployment
SonicOS Updates
Highlights of SonicOS 5.9 Enterprise Features IPv6 Active/Active BGP One-Button Create App Rule Data Loss Prevention Pattern Matching in AIC WXA for Remote Users Significantly Improved CLI Wireless Enhancements Layer 3 Support WiFi detect rogue access points Auto schedule WiFi IDS scans Support for WiFi Multimedia QoS (802.11e) Optimizations Increased SSL Connections Merge of SonicOS Into One Branch WXA Web Caching Bandwidth Management Enhancements Per User/IP More accurate reporting New choice for violation handling; drop or delay Increased Security UDP / ICMP Flood Protection One Touch Security Configuration Logging/TSR Enhancements SonicOS 5.9 is the largest release with 43 new features!
NetExtender and WXAC
Wireless Layer 3 Support
Enhanced CLI Goal Ability to completely configure and manage firewall from CLI Similar to other CLI syntax, but unique to SonicOS Phase I & II Users can create Macros Admin can stage a configuration and commit later Can be used as part of an audit policy CLI will validate a configuration before commit
SonicOS 6.1 Powering SM 9000 and NSA GEN 6 Networking and Security oriented enhancements to increase deployment flexibility, enhance manageability and increase security capabilities of Dell SonicWALL Firewalls A/A Clustering BGP New CLI Regular Expressions for DPI Anti-DDoS Enhancements (UDP/ICMP Flood Prevention) ArcSight Suport Geo-IP/Botnet Optimizations SNMPv3 SSO Radius Accounting Link Aggregation on Wire Mode WXA Support App Flow Dashboard
Thank you! Thomas Bürgis thomas_buergis@dell.com 25