Why it's time to upgrade to a Next Generation Firewall Dickens Lee Technical Manager
Dell History 2 Confidential
Dell s legacy Became leading provider of subscription services on optimized appliances Shipped one million appliances worldwide Named to Visionaries Quadrant, Gartner Magic Quadrant for SSL VPN Announced SuperMassive E10000 Series May: Joined the Dell family 1991 1996 2005 2007 2010 2011 2012 Founded Became the leader in unit share for Unified Threat Management Firewall appliances Thoma Bravo and SonicWall entered into a partnership Positioned as Leader in Gartner UTM Magic Quadrant Positioned as Visionary in Gartner SSL VPN Magic Quadrant SNWL Earns NSS Labs Recommended Rating for NGFW SVM Shipped two million appliances worldwide 3 Confidential
Technology Trends 4 Confidential
5 Copyright Inc. All Rights Reserved
Changes in user behavior Blogging Facebook Twitter IM/Whatsapp Cloud access (e.g Dropbox) Streaming video (e.g Youtube) Streaming audio Downloading files Freeware (teamviewer, RDP) Time spent on Facebook was greater than time spent on Google sites for the first time in history. (comscore, August 2010 ) Together Facebook.com and Google.com accounted for 14% of all Internet visits last week. (Hitwise, March 2010 ) Bandwidth Cost Productivity 6 Confidential
Impacts to your Business Virus, Spyware, Trojan, Rootkits, Worm Spam, Phishing, Spear Phishing Data Leakage Classified document, trade secret Bandwidth abuse, Impact on Network Performance Populated with non-productive traffic High latency Bad response time Productivity increase or decrease Federal or Industrial Regulatory Compliance issue PCI 7 Confidential
Changing the Security Market Cloud / Web 2.0/ Virtualization Sophisticated Threats/APT Next-Generation Security Mobility BYOD 8 Confidential
Next Generation Firewall (NGFW) Solutions 9 Confidential
Topical Solution Layered security VPN IPS Firewall Antivirus Servers Antispam URL Filters Proxy Users Application 10 Confidential
Traditional Firewalls Completely Outclassed Stateful Firewall Web Traffic 80 = HTTP 443 = HTTPS Protection centered around IP, ports & protocols Allow/Deny in any application over 80/443 To a traditional firewall, all web traffic looks legitimate Do not inspect every port (Customize apps) Allow Trojans, Rootkits, Malware into the network 11 Confidential
Application Chaos Who is to say for you what apps are important or not you? Important Apps Unimportant Apps 12 Confidential
Next Generation Firewall Technology Deep Packet Inspection 1. Firewall - Stateful Packet Inspection 2. Intrusion Prevention The front-line network defense against application attacks 3. Application Identification & Visualization Can t control what you can t see 4. User Identification through Single Sign On (SSO) Correlate network traffic with users 5. Application Control Granular control (Allow Facebook, Block Social Gaming) 6. SSL Decryption Don t allow threats to tunnel through encrypted channels 7. Threat Prevention Anti-X (Virus/Trojan/Malware) 13 Confidential
Dell Next-Generation Firewall Identify Categorize Control Users/Groups Policy Application Chaos Critical Apps Reassembly-Free Deep Packet Inspection Ingress Acceptable Apps Egress Unacceptable Apps Cloud-Based Extra-Firewall Intelligence Malware Blocked 14 Confidential
Network Traffic Visualization Bandwidth App Traffic Breakdown Drilldown User Traffic Consumption Identify P2P Traffic Real-time Traffic Breakdown 15 Confidential
Identify and Control Applications Application Library with over 4200 unique Application Uses Granular Control Allow Facebook, Block BitTorrent Allow Chat, Block File Transfer - Group/User Based - Schedule Based - Exceptions 16 Confidential
How Traditional Firewall & IPS fail: security/performance tradeoff Force administrators to choose between security and performance Admins often wind up turning off security when performance suffers Slow networks hurt productivity Insecure networks are dangerous 17 Confidential
Highly Efficient Single-Pass RFDPI Security Engine Proven & Proprietary Reassembly Free Deep Packet Inspection Traditional Firewall with modules NGFW Integrated Architecture: Low-Latency Ultra-Scalable Single Pass Deep Packet Inspection Engine Input Packet Signature Signature Output Packet TCP Reassembly Pattern Definition Language Interpreter Postprocessors Preprocessors Deep Packet Inspection Engine (Anti-Malware, IPS, Application) Policy Decision API 18 Confidential
Linearly Scalable on a Massively Multi-Core Architecture 1 Core 96 Cores Cavium cpu custom built to understand network communications at hardware level (TCP acceleration; compression/decompression/encryption etc) Parallel processing for multiple data streams 2012- Cavium NSA5500 500Mhz 8 No. of Cores 2013- Cavium2 800Mhz Horse power 4 > 6.4Ghz NSA8500 800Mhz 16 1.2Ghz 12.8 > 19Ghz 19 Confidential
Topical Solution VPN IPS Firewall Antivirus Servers Antispam URL Filters Proxy Users Application 20 Confidential
Dell Sonicwall NFGW solution VPN IPS Firewall Servers Antivirus Dell Sonicwall NFGW Antispam URL Filters Functions with performance guarantee Single Sign On Proxy URL web control Application Application control Threat protection Detect only option Reporting Monitor and Detect only Wire mode 21 Confidential Users
Dell Appliances 22 Confidential
Dell Next-Gen Firewalls & Unified Threat Management Firewalls SuperMassive E10000 Series Data Centers, ISPs E10200 E10400 E10800 E-Class NSA Series Medium to large organizations NSA E8510 NSA E8500 NSA E6500 NSA E5500 NSA Series Branch offices and medium sized organizations NSA 4500 NSA 3500 NSA 2400 NSA 250M NSA 220 TZ Series Small and remote offices TZ 215 TZ 205 TZ 105 23 Confidential
Dell SuperMassive E10000 Detects, classifies and controls over 4,200+ unique applications Text Comprehensive Inspection SuperMassive E10800 running SonicOS is the highest overall protection Next-Gen Firewall recommended by NSS Labs in the 2012 Next-Gen Firewall Security Value Map Proven SonicOS architecture is at the core of every firewall from the SuperMassive E10800 to the TZ105 Detects, classifies and controls over 4,200 unique apps Powerful IPS, Multi-gig performance Management/visualization of traffic RFDPI technology SSL traffic inspection High availability: A/P, A/A, StateSync, clustering The Technology 96 processor cores 40 Gbps Firewall Inspection 30 Gbps IPS 30 Gbps Application Intelligence and Control 10 Gbps Anti-Malware Detects over 9 million unique threats 24 Confidential
Management and Reporting Analyzer Reporting & Analytics for firewall, CDP, and SRA appliances GMS 7.0 Reporting & Analytics, Policy Management, Monitoring for firewall, CDP, SRA, email security appliances Scrutinizer Flow Analytics for firewalls, 3 rd party routers, switches, firewalls 25 Confidential
GMS 7.0 - Firewall Management 26 Confidential
GMS 7.0 & Analyzer - Next Generation Reporting Near real-time Granular drill down New look and feel 27 Confidential
GMS 7.0 & Analyzer Application Traffic Analytics Trouble shooting, forensics, app usage reports for customers 28 Confidential.
GMS 7.0 & Analyzer User Centric Reporting Web sites visited Client VPN sessions Applications Used Bandwidth Usage 29 Confidential
Scrutinizer - Detailed Traffic Analysis 30 Confidential
What do the 3rd party Testers Say 31 Confidential
The NSS Security Value Map Summary of 2012 NGFW testing results from www.nsslabs.com 4 Quadrants - Recommended - Caution - 2xNeutral Final Product Rating near the name of the product Lines signify corrections due to major failures - No line = No Major Failure 32 Confidential
NSS Test Highlights Recommended Neutral Caution 33 Confidential
scored exceptionally well in several categories and so far is leading the pack. 34 Confidential
Most secure and fastest NGFW to receive NSS Labs Recommended rating in 2012 Dell SuperMassive E10800 35 Confidential
Threat Coverage by Vendor & Date vs. Palo Alto Networks v. CheckPoint NSS Labs exploit library covers a wide range of protocols and applications representing a wide range of software vendors. 36 Confidential
UTM Firewall 2012 Magic Quadrant (March 2012) was positioned in the Leaders Quadrant for 2012 Fast-Forwarding Firewall Face-Off (April 2012) Best Overall Performance for NGFW Best Overall Performance for UTM Best Overall Performance for SSL Decryption 37 Confidential
ICSA Labs Enterprise Firewall Certification https://www.icsalabs.com/sites/default/files/swl_ngfw_eval.pdf 38 Confidential
was not susceptible to attacks launched inbound or outbound to or through the product, including fragmentation and trivial Denial-Of-Service attacks. Dell NSA E-Class E7500 39 Confidential
Do the Basic Data Center: US Up-to-date anti-virus & IPS signatures Multiple layers of protection Security awareness training System updates & patches Deep-packet-inspection firewall with application intelligence & IPS Anti-Spam / email security Never use pirated software 40 Confidential
Thank You For more information contact: Email: dickens_lee@dell.com