Achieve Deeper Network Security and Application Control



Similar documents
Achieve Deeper Network Security

Network Security Overview

Types of cyber-attacks. And how to prevent them

Achieve deeper network security and application control

Next-Generation Firewalls: Critical to SMB Network Security

10 easy steps to secure your retail network

Best Practices for Secure Mobile Access

How To Use Shareplex

Navigating the NIST Cybersecurity Framework

Logging and Alerting for the Cloud

Securing Your Small Business

How to Build a Massively Scalable Next-Generation Firewall

How to Deploy Models using Statistica SVB Nodes

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Hybrid Cloud Computing

Understanding Enterprise Cloud Governance

Jort Kollerie SonicWALL

Mobile workforce management software solutions. Empowering the evolving workforce with an end-to-end framework

Solving the Security Puzzle

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager

How Traditional Firewalls Fail Today s Networks And Why Next-Generation Firewalls Will Prevail

What to Look for When Evaluating Next-Generation Firewalls

Providing Secure IT Management & Partnering Solution for Bendigo South East College

Dell One Identity Cloud Access Manager How to Configure vworkspace Integration

Applications erode the secure network How can malware be stopped?

Top 10 Most Popular Reports in Enterprise Reporter

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

SharePlex for SQL Server

Using Self Certified SSL Certificates. Paul Fisher. Quest Software. Systems Consultant. Desktop Virtualisation Group

Dell One Identity Cloud Access Manager SonicWALL Integration Overview

A Massively Scalable Approach to Network Security

Simplify Your Migrations and Upgrades. Part 1: Avoiding risk, downtime and long hours

Executive Brief on Enterprise Next-Generation Firewalls

Proactive Performance Management for Enterprise Databases

Eight Ways Better Software Deployment and Management Can Save You Money

Securing Endpoints without a Security Expert

Managing the Risk of Privileged Accounts and Privileged Passwords in Civilian Agencies

Identity and Access Management for the Cloud

SSL Performance Problems

Dell SonicWALL Portfolio

The Hillstone and Trend Micro Joint Solution

IBM Security Intrusion Prevention Solutions

Spotlight Management Pack for SCOM

Requirements When Considering a Next- Generation Firewall

formerly Help Desk Authority Quest Free Network Tools User Manual

Cloud Security Primer MALICIOUS NETWORK COMMUNICATIONS: WHAT ARE YOU OVERLOOKING?

Quest vworkspace Virtual Desktop Extensions for Linux

Dell One Identity Manager Scalability and Performance

DevOps for the Cloud. Achieving agility throughout the application lifecycle. The business imperative of agility

Dell Spotlight on Active Directory Server Health Wizard Configuration Guide

Dell One Identity Cloud Access Manager How to Configure for High Availability

Network Security Solution. Arktos Lam

Ensuring High Availability for Critical Systems and Applications

Content-ID. Content-ID URLS THREATS DATA

Governed Migration using Dell One Identity Manager

Move Data from Oracle to Hadoop and Gain New Business Insights

Why Protection and Performance Matter

How to choose the right NGFW for your organization: Independent 3 rd Party Testing

Dell InTrust Preparing for Auditing Cisco PIX Firewall

Why protection & performance matter

How to Quickly Create Custom Applications in SharePoint 2010 or 2013 without Custom Code

Firewall Sandwich. Aleksander Kijewski Presales Engineer Dell Software Group. Dell Security Peak Performance

Dell One Identity Cloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0

WildFire. Preparing for Modern Network Attacks

SonicWALL Corporate Design System. The SonicWALL Brand Identity

Content-ID. Content-ID enables customers to apply policies to inspect and control content traversing the network.

Dell vworkspace Supports Higher Education s Desktop Virtualization Needs

Reverse Proxy Three Myths Busted

Organized, Hybridized Network Monitoring

Understanding and Configuring Password Manager for Maximum Benefits

A Layperson s Guide To DoS Attacks

Quest Collaboration Services How it Works Guide

IBM Security Network Protection

Dell SonicWALL product lines

How To Control Your Network With A Firewall On A Network With An Internet Security Policy On A Pc Or Ipad (For A Web Browser)

Enterprise Reporter Report Library

Introduction to Version Control in

Networking for Caribbean Development

Desktop Authority vs. Group Policy Preferences

Dell One Identity Cloud Access Manager How To Deploy Cloud Access Manager in a Virtual Private Cloud

Adopting a service-centric approach to backup & recovery

The 2014 Next Generation Firewall Challenge

Quest Collaboration Services 3.5. How it Works Guide

Securing the Small Business Network. Keeping up with the changing threat landscape

Dell Migration Manager for Enterprise Social What Can and Cannot Be Migrated

Beyond the Hype: Advanced Persistent Threats

Data center and cloud management. Enabling data center modernization and IT transformation while simplifying IT management

Connected Security - Software Solutions. Reduce risk and enable new business initiatives from the endpoint, to the data center, to the cloud.

Integrated Approach to Network Security. Lee Klarich Senior Vice President, Product Management March 2013

V1.4. Spambrella Continuity SaaS. August 2

Dell Statistica. Statistica Document Management System (SDMS) Requirements

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Forefront Threat Management Gateway (TMG) Whitepaper The Solution.

Safeguarding the cloud with IBM Dynamic Cloud Security

Cybercrime: evoluzione del malware e degli attacchi. Cesare Radaelli Regional Sales Manager, Italy cradaelli@paloaltonetworks.com

Dell Enterprise Reporter 2.5. Configuration Manager User Guide

Identifying Problematic SQL in Sybase ASE. Abstract. Introduction

The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know

1110 Cool Things Your Firewall Should Do. Extending beyond blocking network threats to protect, manage and control application traffic

A Modern Framework for Network Security in the Federal Government

Transcription:

Achieve Deeper Network Security and Application Control Dell Next-Generation Firewalls Abstract Next-generation firewalls (NGFWs) have emerged to revolutionize network security as we once knew it. Yet to safeguard an organization from today s ever-evolving threats, NGFWs must be able to deliver an even deeper level of network security. Not only must they ensure that every byte of every packet is inspected but also they must maintain the high performance and low latency that busy networks require. In addition, they must combine high-performance SSL decryption and inspection, an intrusion prevention system (IPS) that features sophisticated anti-evasion technology, granular control over and visibility into application and user activity across the network, and a network-based malware protection system that leverages the power of the cloud. Only when these technologies are working together can organizations truly block the sophisticated new threats that emerge on a daily basis. 1 U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,361 Yet not all next-generation firewalls are the same. Dell SonicWALL NGFWs are the only firewalls capable of providing organizations of any size with a deeper level of network security. These industry-leading firewalls are designed using a scalable, multi-core hardware architecture and a patented, single-pass, low-latency, Reassembly-Free Deep Packet Inspection (RFDPI) engine that scans all traffic, regardless of port or protocol. In addition to advanced SSL decryption and IPS capabilities, Dell SonicWALL NGFWs also have access to a cloud database that is updated continually with more than 15 million signatures. Not only that, they re easy to manage and they deliver a low total cost of ownership. Introduction: Deeper network security Rising security threats The growing use of cloud computing, mobile solutions, bring your own device (BYOD) policies and the rise of shadow IT have added new levels of risk, complexity and cost to

Today s organizations need an NGFW that can deliver a deeper level of network security and app control without compromising performance. securing an organization s data and intellectual property. Businesses of every size must now combat a wide range of increasingly sophisticated threats, including advanced persistent threats (APTs), cybercriminal activity, spam and malware. At the same time, many organizations are grappling with tighter budgets and don t have the resources to easily address these threats. The move to next-generation firewalls To combat growing security challenges, more and more organizations are migrating from traditional firewalls that focus only on stateful packet inspection (SPI) and access control rules to NGFWs, which have revolutionized network security by providing more robust protection against emerging threats. In addition to traditional firewall features, NGFWs feature a tightly integrated IPS, real-time decryption and inspection of SSL sessions and full control and visualization of application traffic as it crosses the network. Not all next-generation firewalls are created equal Modern attacks employ numerous complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual property. These attacks are often encoded using complicated algorithms to evade detection by intrusion prevention systems. Once the target has been exploited, the attacker will attempt to download and install malware onto the compromised system. In many instances, the malware used is a newly evolved variant that traditional antivirus solutions cannot detect. Also, the advanced attack often relies on SSL encryption to hide the malware download or even to disguise command and control traffic that is sent by the attacker from halfway around the world. Some organizations rely on NGFWs that compromise network performance for protection, which leads to lowered productivity. Other organizations actually turn off or limit existing security measures to keep up with high network performance demands. With today s new threats and threat vectors, this is an extremely risky practice. Clearly, more advanced detection and protection capabilities are needed. Ultimately, today s organizations need an NGFW that can deliver a deeper level of network security without compromising performance at a total cost of ownership that is maximized for both large enterprises and small businesses. Dell SonicWALL NGFWs deliver exactly this type of protection. Dell SonicWALL NGFWs feature SSL decryption and inspection that extends protection to SSL-encrypted traffic, an IPS with advanced anti-evasion technology, context-aware application control and cloud-based malware protection that keeps abreast of the latest threats. How Dell SonicWALL NGFWs deliver deeper network security Byte-by-byte packet inspection Dell SonicWALL NGFWs are equipped with a patented, single-pass, lowlatency, Reassembly-Free Deep Packet Inspection (RFDPI) engine that inspects every byte of every packet while maintaining high performance and low latency. The RFDPI engine uses a combination of complex countermeasure techniques, real-time decision methodologies and data normalization to block threats within files, attachments and compressed archives regardless of their size and transform them as needed to perform normalized traffic analysis. SSL decryption and inspection SSL decryption and inspection is arguably the single most important feature required to provide a deeper level of network security. According to recent research (NSS Labs, 2013), as much as 35 percent of corporate network traffic is encrypted using SSL. So organizations that are not inspecting SSL traffic are effectively blind to a third of the traffic on the network. Further, attacks that utilize SSL will have 2

a 100 percent success rate in this type of scenario. To combat these sophisticated attacks effectively, organizations need the ability to inspect all traffic on any port, regardless of whether that traffic is SSLencrypted or not. One of the challenges, however, is that most NGFWs available today offer dismal performance when decrypting and inspecting SSL traffic. Dell SonicWALL NGFWs offer best-inclass scalability and performance for SSL decryption and inspection, as evaluated by both Network World magazine and NSS Labs. An IPS with anti-evasion capabilities Cybercriminals often try to circumvent the intrusion prevention system by using complex algorithms designed to evade detection. Some network security vendors products may not perform adequate data normalization to decode threats before the IPS has a chance to examine them. This enables encoded threats to compromise corporate networks without being noticed. Dell SonicWALL NGFWs are equipped with a tightly integrated IPS with advanced antievasion capabilities so that advanced threats are detected and stopped before they can harm the network. Dell offers cutting-edge IPS threat protection that is capable of reverse-engineering these advanced evasion techniques. In the 2013 NSS Labs Security Value Map (SVM) for IPS, the Dell SonicWALL SuperMassive E10800 with integrated IPS earned the coveted Recommended rating. In fact, the Dell SonicWALL integrated network security solution, which includes IPS, was tested alongside many dedicated IPS offerings. Application intelligence and control The explosion of applications that rely on network access has made it difficult for administrators to monitor user activity and application traffic usage. This has led to productivity concerns and additional security risks. Dell SonicWALL NGFWs help solve these problems with an addon application intelligence and control service. A context-aware monitoring engine gives administrators full visibility into application and user activity on the network. Armed with this information, administrators can easily create acceptable-use policies for allowing or blocking specific applications and apply them to individuals or groups within the organization. Dell SonicWALL NGFWs also enable powerful bandwidth management to ensure that critical network resources remain available for maximum productivity. In addition, a tightly integrated Application Flow Monitor provides real-time graphs of applications, inbound and outbound bandwidth, active website connections, and user activity for visual insight into network usage. The data from the graphs can be used to generate reports based on user ID. Network-based malware prevention is updated continuously Each hour of every day, hundreds of new variants of malware are developed. Although several NGFWs offer networkbased, anti-malware technology, many of these systems are limited to just a few thousand malware signatures, and many are updated as infrequently as once per day. Dell SonicWALL NGFWs access a cloud database with more than 15 million signatures that is updated every few minutes around the clock, enabling organizations to achieve real-time protection against the latest threats. The Dell SonicWALL RFDPI engine is capable of doing even more than pattern matching. When creating its custom firewall signatures, Dell SonicWALL NGFWs look for specific code fragments common to malware families rather than individual variants. This means that the RFDPI engine can identify the malicious code contained in new mutations to provide an additional layer of protection. In addition, Dell SonicWALL NGFWs have been independently tested and certified for network-based malware protection by ICSA Labs (ICSA Labs 2013). The SuperMassive is aptly named... [it] can decrypt SSL traffic very fast in fact these one-off tests show it to be the fastest device by far. Network World magazine, 2012 3

The Network Security Appliance (NSA) Series delivers the high level of security, application control and performance that administrators have come to expect. The security of an industry leader Dell SonicWALL has more than 20 years of experience in the industry, and Gartner has recognized Dell SonicWALL as an industry leader in network security. In the NSS Labs 2013 NGFW Product Analysis Report, the Dell SonicWALL SuperMassive E10800 firewall scored 100 percent in anti-evasion, stability and reliability, firewall, application control, and identity awareness tests. In 2012, Network World magazine reported in its article Scaling Up With SonicWALL s SuperMassive, The SuperMassive is aptly named... [it] can decrypt SSL traffic very fast in fact these one-off tests show it to be the fastest device by far. All SonicWALL Dell NGFW customers benefit from Dell s commitment to delivering a deeper level of security for around-the-clock protection across the entire organization. A range of next-generation firewalls for every organization Dell offers a range of next-generation firewalls to fit the needs of organizations of every size: Dell SonicWALL SuperMassive Series This series is highly scalable, making it ideal for large enterprise organizations that are continually adding new users. For the second consecutive year, the SuperMassive E10800 has earned the top rating of Recommended in NSS Labs 2013 Next-Generation Firewall Security Value Map. In addition, it has achieved one of the highest security effectiveness ratings in the industry and earned scores of 100 percent for anti-evasion, stability and reliability, firewall, application control, and identity awareness testing in NSS Labs 2013 NGFW Product Analysis Report. The SuperMassive 9000 Series of firewalls ensures security effectiveness by enforcing intelligent policy decisions, which helps ease administrative burdens. Housed in an elegant, one-rack unit appliance, SuperMassive 9000 firewalls also save space and lower power and cooling costs. Dell SonicWALL NSA Series The Network Security Appliance (NSA) Series delivers the high level of security, application control and performance that administrators have come to expect. And because the NSA Series firewalls are affordable and easy to deploy, configure and maintain, they are an ideal choice for the mid market and SMBs. Conclusion Dell SonicWALL NGFWs provide organizations of any size with a deeper level of network security without compromising performance because they are designed to scan all traffic regardless of port or protocol including SSL-decrypted traffic. They can detect anti-evasion techniques and have network-based anti-malware capabilities with access to a cloud database that is continually updated. In addition, these firewalls are easy to manage and affordable. Further, Dell SonicWALL is recognized as an industry leader by Gartner, and the Dell SonicWALL SuperMassive E10800 next-generation firewall earned the highest rating of Recommended in NSS Labs 2013 NGFW Security Value Map. Organizations that adopt Dell SonicWALL NGFWs will benefit from their advanced protection against ever-evolving, persistent IT security threats. Dell NGFWs are part of Dell s overall portfolio of end-to-end Connected Security solutions, which ensure that organizations of all sizes can protect their intellectual property in an increasingly connected world. To learn more about Dell SonicWALL NGFWs, please visit software.dell.com/solutions/ network-security. For more information Dell SonicWALL 2001 Logic Drive San Jose, CA 95124 www.sonicwall.com T +1 408.745.9600 F +1 408.745.9300 4

For More Information 2014 Dell Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose without the written permission of Dell Inc. ( Dell ). Dell, Dell Software, the Dell Software logo and products as identified in this document are registered trademarks of Dell, Inc. in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property of their respective owners. The information in this document is provided in connection with Dell products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Dell products. EXCEPT AS SET FORTH IN DELL S TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, DELL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL DELL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF DELL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Dell makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Dell does not make any commitment to update the information contained in this document. About Dell Software Dell Software helps customers unlock greater potential through the power of technology delivering scalable, affordable and simple-to-use solutions that simplify IT and mitigate risk. The Dell Software portfolio addresses five key areas of customer needs: data center and cloud management, information management, mobile workforce management, security, and data protection. This software, when combined with Dell hardware and services, drives unmatched efficiency and productivity to accelerate business results. If you have any questions regarding your potential use of this material, contact: Dell Software 5 Polaris Way Aliso Viejo, CA 92656 www.dellsoftware.com Refer to our Web site for regional and international office information. 5 Whitepaper-AchieveDeeperNetworkSecurity-US-TD584-20140205

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information