SonicWALL Team Nordic Recommendations for safe Unified Threat Management (UTM) Deployments*

Similar documents
Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

Securing the Small Business Network. Keeping up with the changing threat landscape

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

Meraki MX Family Cloud Managed Security Appliances

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott

White Paper. ZyWALL USG Trade-In Program

How Traditional Firewalls Fail Today s Networks And Why Next-Generation Firewalls Will Prevail

SonicWALL Unified Threat Management. Alvin Mann April 2009

Platform Compatibility... 1 Key Features... 2 Known Issues... 4 Upgrading SonicOS Image Procedures... 6 Related Technical Documentation...

Network Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000

Application Intelligence, Control and Visualization

The Hybrid Enterprise. Enhance network performance and build your hybrid WAN

Extreme Security Threat Protection G2 - Intrusion Prevention Integrated security, visibility, and control for next- generation network protection

Integrated Security Solutions You Can Trust

Network Security Solution. Arktos Lam

Assessing Business Continuity Solutions

Providing Secure IT Management & Partnering Solution for Bendigo South East College

SonicWALL Corporate Design System. The SonicWALL Brand Identity

Contents. Platform Compatibility. SonicOS

Cisco Small Business ISA500 Series Integrated Security Appliances

Customer Service Description Next Generation Network Firewall

Next-Generation Firewalls: Critical to SMB Network Security

USG6600 Next-Generation Firewall

SonicOS Enhanced Release Notes

Huawei Eudemon200E-N Next-Generation Firewall

SonicWALL Security Solutions

SonicWALL ECLASS Netw

Cisco ASA 5500 Series IPS Solution

SonicWALL Security Solutions

SonicOS Release Notes

MX Cloud Managed Security Appliance Series

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network

Applications erode the secure network How can malware be stopped?

Release Notes. SonicOS is the initial release for the Dell SonicWALL NSA 2600 network security appliance.

Dynamic Security for the Global Network

SSL-VPN 200 Getting Started Guide

Chapter 9 Firewalls and Intrusion Prevention Systems

Scalable. Reliable. Flexible. High Performance Architecture. Fault Tolerant System Design. Expansion Options for Unique Business Needs

Scalable. Reliable. Flexible. High Performance Architecture. Fault Tolerant System Design. Expansion Options for Unique Business Needs

Data Sheet. V-Net Link 700 C Series Link Load Balancer. V-NetLink:Link Load Balancing Solution from VIAEDGE

USG6300 Next-Generation Firewall

SuperMassive E10000 Series

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager

Dell SonicWALL Next Generation Firewall(Gen6) and Integrated Solution. Colin Wu / 吳 炳 東 Colin_Wu1@dell.com

Dell SonicWALL Portfolio

PRODUCT LINE. Dynamic Security for the Global Network

Check Point 4800 Appliance

Contents. Release Purpose. Platform Compatibility. SonicOS TZ 105 / TZ 205 Series Release Notes. SonicOS

Intel Network Builders: Lanner and Intel Building the Best Network Security Platforms

10 Strategies to Optimize IT Spending in an Economic Downturn. Wong Kang Yeong, CISA, CISM, CISSP Regional Security Architect, ASEAN

Cisco Meraki MX products come in 6 models. The chart below outlines MX hardware properties for each model: MX64 MX64W MX84 MX100 MX400 MX600

MX Cloud Managed Security Appliance Series

FortiGate 100D Series

Firewall Defaults and Some Basic Rules

SonicWALL Security Solutions

Best Practices in Deploying a Secure Wireless Network

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

KERIO TECHNOLOGIES KERIO WINROUTE FIREWALL 6.4 REVIEWER S GUIDE. (Updated April 14, 2008)

Higher-performance Protection and Superior Total Cost of Ownership

SonicOS 5.8.1: Configuring the Global Bandwidth Management Service

Clean wireless. High-performance clean wireless solutions

HUAWEI Secospace USG6600 Next-Generation Firewall Datasheet

Intro to Firewalls. Summary

Network protection and UTM Buyers Guide

WATCHGUARD FIREBOX VCLASS

Cisco Meraki MX products come in 6 models. The chart below outlines MX hardware properties for each model: MX60 MX60W MX80 MX100 MX400 MX600

PALO ALTO SAFE APPLICATION ENABLEMENT

NetDefend UTM Firewall Series

Securing the small business

IBM Security Network Protection

Next Generation Network Firewall

- Introduction to PIX/ASA Firewalls -

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

Firewall Sandwich. Aleksander Kijewski Presales Engineer Dell Software Group. Dell Security Peak Performance

Assuring Your Business Continuity

Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET

INTRODUCTION TO FIREWALL SECURITY

Small, Medium and Large Businesses

PART D NETWORK SERVICES

BroadScan. Security Appliances. in-one Security Solution for SMB Combining Performance, ease of use and affordability. A Breakthrough all-in

FortiGate/FortiWiFi -60C Series Integrated Threat Management for Small Networks

NetDefend UTM Firewall Series

NetDefend UTM Firewall Series

PERFORMANCE VALIDATION OF JUNIPER NETWORKS SRX5800 SERVICES GATEWAY

WatchGuard Technologies WatchGuard Technologies

Cisco IPS 4200 Series Sensors

Getting Started Guide

Network Security. Network Security. Protective and Dependable. > UTM Content Security Gateway. > VPN Security Gateway. > Multi-Homing Security Gateway

Transcription:

SonicWALL Team Nordic Recommendations for safe Unified Threat Management () Deployments* nordic@sonicwall.com tel: +46 8 410 71 700 TZ100/100W 01-SSC-8739 01-SSC-8739 01-SSC-8723 $470/$536W 128Mb RAM 5FE Home and Enhance OS PortShield configurable IPSec and SSL-VPN 802.11 b/g/n wireless model TZ200/200W 01-SSC-8746 01-SSC-8746 01-SSC-8715 $784/$952W 5FE+1USB Retail and USB for 3G/ Modem HA Active/ Passive (no statesync) Dynamic Routing TZ210/210W 01-SSC-8769 01-SSC-8769 01-SSC-8773 $1076/$1293W 2GbE+5FE+ Retail and USB for 3G/ Modem HA Active/ Passive (no statesync) Dynamic Routing Application Firewall NSA 240 01-SSC-8760 $1,914 3GbE+6FE+ Provides 3 GbE, 6 FE, WWAN (3G/ Modem) PortShield NSA 2400 01-SSC-7035 $3,991 6GbE+ Provides 6 10/100/1000 WAN/WAN failover, LAN and DMZ NSA 2400MX 01-SSC-8854 $4,748 10GbE+16FE +2Module Slots+ Provides 6 10/100/1000 WAN/WAN failover, LAN and DMZ NSA 3500 01-SSC-7033 $5,721 4-Core CPU 6GbE+ 4-Core design provides a 60% increase in Gigabit level firewall Increase in Application Firewall policies NSA 4500 01-SSC-7032 $8,317 8-Core CPU 6GbE+ 8-Core design provides a 150% increase in Includes Availability for increased network reliability Increase in VPN NSA E5500 01-SSC-7029 $15,996 01-SSC-7260 8-Core CPU 1Gb RAM 8GbE+1HA+ 8 10/100/1000 high speed connectivity to WAN, LAN and DMZ Dedicated interface for Availability LCD information center Dedicated 3 rd level Active/Active NSA E6500 01-SSC-7028 $26,119 01-SSC-7257 1Gb RAM 8GbE+1HA+ 16-Core design provides 75% increase in Dedicated interface for Availability LCD information center Dedicated 3 rd level Active/Active NSA E7500 01-SSC-7027 $46,710 01-SSC-7254 2Gb RAM 4GbE + 4SFP+ 1HA+ NSA appliance providing Gigabit level 4GbE + 4SFP interfaces provide fiber and copper interface options Hot swappable power supplies/ fans Dedicated 3 rd level Active/Active 5 Mbps 15 Mbps 40 Mbps 75 Mbps 100 Mbps 500 Mbps 1 Gbps + 5 Users 10 Users 25 Users 50 Users 125 Users 250 Users 700 Users 1000 Users 2000 Users NSA E8500 01-SSC-8866 (HW+GAV/IPS Services) $54,070 01-SSC- 2Gb RAM 4GbE + 4SFP+ 1HA+ NSA appliance providing 2 Gigabit level 4GbE + 4SFP interfaces provide fiber and copper interface options Hot swappable power supplies/ fans Dedicated 3 rd level Active/Active *Above numbers are recommended by SonicWALL Team Nordic for safe Full s, with security services enabled, such as GAV/IPS/CFS and App Int. Higher throughput is possible and will vary depending on network conditions, concurrent connections, optimization, Active/Active on in HA. For Maximum throughput please have a look at the datasheets at www.sonicwall.com All above SonicWALL Firewalls are unlimited node. To contact SonicWALL Nordic use email: nordic@sonicwall.com

FirewallServicesGuide TheServices GatewayAnti6Virus,Anti6SpywareandIntrusionPreventionService(GAV): TheGAVserviceiscomprisedofthreefeatures Gateway'Anti+Virus'&'Anti+Spyware'Inspection' This will protect your network by scanning all traffic (both inbound and outbound) over multiple protocols including email, FTP, Instant Messaging (IM), peerdtodpeer (P2P), file sharing and games for s. This is done by leveraging the patented SonicWALL Reassembly Free Deep Packet Inspection Engine (RFDPI). The RFDPI engine allows the appliancestoscanandanalyseinrealtimedregardlessoffilesizeandcompressiontype.it willprotectagainstdaydzeroattacksusingourdynamicallyupdatedcloudbaseddatabases. Bottom%Line:%%Keeps%Viruses%and%Spyware%out%of%the%network.% Intrusion'Prevention'(IPS/IDS)' Vulnerabilities,exploitswithinapplicationsalongwithblendedscanallowawayfor malicious intruders to access your network and sensitive data. Intrusion Protection is a necessary technology because of this. SonicWALL takes this beyond just scanning all network traffic for known s (such as worms, Trojans, software vulnerabilities, backdoor exploits) by utilising SonicWALL s comprehensive signature databases and next generationipsengine.thisallowstheappliancetobedeployedtoprotectawiderangeof network attacks and vulnerably for both internal and external s. Threats can be loggedautomaticallyandtheadministratoralertedrightaway. Bottom%Line:Protects%against%attacks%and%vulnerabilities. Application'Intelligence,'Control'&'Visualisation'(includes'Application'Firewall)' This feature is a true hallmark of a next generation firewall.application Intelligence & ControlallowsfortruerealDtimevisibilityofapplicationuseonthenetworkandthetoolsto controlandmanageit.onceagainleveragingtherfdienginethesonicwallfirewallisable to use this to identify streams of traffic and applications regardless of what port is being used. As such the administrator is able to enforce policy and control even on port agile applications.theadministratorcaneasilyidentifyanapplicationandwhoisusingit for examplemsnmessenger andblockit.alternatelytheapplicationcanbecontrolledeither by bandwidth management or by disabling features such as stopping video chat but allowingtextchat.thispolicycanbeappliedtoindividualusersortogroups. Bottom%Line:%%See%what%is%happening%in%the%network%in%real%time%and%take%control.%

ContentFilteringService(CFS): ContentFiltering: Withthecontentfilteringserviceitissimpletoenforcepolicytostoppeoplefromviewing certain web content. This can be for productivity reasons should employees be web browsingratherthanworking.oralternativelyitcanbeforprotectionaseverycompany andinstitutionhasalegaldutyofcaretopreventtheiremployeesfromseeingobjectionable content. CFS allows for flexible solution which is easily deployed. Policy can be set for individualsorgroupsandcanbescheduledwithdifferentlevelsofaccessatdifferenttimes oftheday.forexample onlyallowingemployeesaccesstosocialnetworkingsitesduring theirlunchbreaks.whenpairedwiththegavserviceitispossibletoseewhoisbrowsing whatsitesandtorespondwithsuitableenforcementrightaway. Bottom%Line:%%Increase%work%place%productivity,%improve%network%%and%protect% employees. DynamicServices(8x5and): Note: If has run out then a multidyear renewal must be purchased as 1 year renewalsarebackdatedtobevalidfromdateofexpiryinsteadofdateofactivationformultiyear. Dynamicismultifacetedandcoversawiderangeoveraspects.Theseaspectsbreakdown intothreedistinctservices: Technical''(8x5'and')' The Technical aspect offers various avenues to contact SonicWALL Engineers.Theycanbereachedbytollfreetelephoneandinternationaltelephone,email andthroughwww.mysonicwall.combyraisingacase.thehoursofresponsewill correspondtothetypeofthecustomerhas:8x5dbusinesshoursmonday tofriday, 24hoursaday7daysaweek. Software'&'Firmware'Updates' This segment of allows the customer to keep their SonicWALL appliances and software up to date with the latest firmware and software updates. Updates can be as minorasbugfixesorasmajorasaddingtoandexpandingfunctionalityofthesonicwall product. Advanced'Hardware'Replacement' If the appliance fails and new hardware is required SonicWALL will send out replacement hardwarefornextbusinessday.oncethereplacementapplianceiswiththecustomerthe customercanthenreturntheirfaultyappliancetosonicwall.sonicwallwillnotrequest thatthecustomersendtheirfaultyappliancebeforeissuingthereplacement. Bottom% Line:% Keep% your% appliance% running% smoothly;% add% new% features% and% minimise% downtime%in%case%of%failure.% The above three services (GAV, CFS and ) can be purchased separately. However if the customer is planning on purchasing two or more of these services it is considerably cheaper to purchasethemasbundle.thisbundleiscalledthecomprehensive%gateway%security%suite%(cgss).'

PerpetualLicences AswellasrenewableservicesonSonicWALLproductstherearealsoperpetuallicences.Thesearea onetimepurchasethatpermanentlyaddsafeaturetothesonicwallapplianceor,insomecases, includedwiththeapplianceforfree. DPISSL ThisfeatureallowspolicytobeenforcementbyApplicationFirewallandCFSoverSSL.This stopspeopleusingproxysitestoavoidcontentfiltering. Bottom%Line:%Stop%people%circumnavigating%content%filtering%policy.% SSLVPN SSLVPNallowsforremoteuserstoconnectsecurelytolocalresourcesbyusingeitherthe NetExtenderclientorawebpagebasedgateway. Bottom%Line:%%Easy%reliable%access%for%remote%users.% IPv6Ready BGP WiththeIPv6readyfeaturetheSonicWALLappliancecanconnecttoIPv6. Bottom%Line:%Global%IP%v4%address%distribution%has%finished.%%IP%v6%will%be%a%must%have.% Apopularinternetroutingprotocol.Withthislicensetheappliancewillbeabletoroute usingbgp. Bottom%Line:%For%companies%that%use%BGP%this%is%important.% NetflowReporting TheNetflowreportingsoftwareallowsfordetailedreportingtobedoneonalltrafficthat passes through the SonicWALL appliance including web browsing and application usage. Thiscanbeusedforhistoricalreporting. Bottom%Line:%Detailed,%realLtime%and%historical,%reporting%on%all%traffic%usage.%%See%who%is% playing%games%and%browsing%the%web.% StatefulHighAvailability(HA) WhenstatelessHAisn tenoughthereisstatefulha.statelesshawilldropallconnections andreopenthem resultinginafewsecondsofdowntime.howeverwithstatefulhaeven whentheprimaryapplianceinanhapairfailsthereisnooutage.allmajorconnections suchassitetositevpnsandftpremainupwithzerodowntime. Bottom%Line:%%When%down%time%is%not%an%option %this%is%the%only%option.%

FEATURE GEN4 GEN5 TZ150 TZ170 TZ180 TZ190 TZ100 TZ200 TZ210 RealtimeApplicationVisibilityandControl " ApplicationFirewall " DPISSL SSLVPN ComprehensiveAntiSpamService " " " IPv6Ready BGP # GatewayAntiVirus " " " " " " " ContentFilteringSystem " " " " " " " Dynamic " " " " " " " SonicPointDualRadio/Ne/Ni* WXA* NetFlowReporting # # # StatefulHighAvailability LEGEND Noted edforfree " edwithsubscription # edwithperpetuallicense * RequiresAdditionalAppliance PRO1260 PRO2040 PRO3060 GEN4 PRO4060 PRO4100 PRO5060 Gen5 FEATURE RealtimeApplication VisibilityandControl " " " " " " " " " " ApplicationFirewall " " " " " " " " " " DPISSL # # # # # # # # SSLVPN ComprehensiveAntiSpam Service " " " " " " " " " " " IPv6Ready NSA240 NSA2400 NSA2400MX BGP # # # # # # # # # # # GatewayAntiVirus " " " " " " " " " " " " " " " " " ContentFilteringSystem " " " " " " " " " " " " " " " " " Dynamic " " " " " " " " " " " " " " " " " SonicPointDualRadio/Ne /Ni* WXA* # # # # # # # # # # # NetFlowReporting # # # # # # # # # # StatefulHighAvailability # # # # # # *AppIntonNSA2400MXisnotyetavailable. NSA3500 NSA4500 NSA5000 NSAE5500 NSAE6500 NSAE7500 NSAE8500 NSAE8510

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information