Presentation is loading. Please wait.

Presentation is loading. Please wait.

SonicWALL UTM Firewall Overview November 2010 Andy Barrow SonicWALL Product Manager +44 1753 797944.

Published byCuthbert Bridges Modified over 8 years ago

Similar presentations

Presentation on theme: "SonicWALL UTM Firewall Overview November 2010 Andy Barrow SonicWALL Product Manager +44 1753 797944."— Presentation transcript:

1 SonicWALL UTM Firewall Overview November 2010 Andy Barrow SonicWALL Product Manager +44 1753 797944

2 Who are SonicWALL?  SonicWALL was founded in February 1991 to develop standards-based, network infrastructure products to meet the needs of the small to medium business and education markets.  Today, SonicWALL’s Internet security and transaction security solutions are leading the way for a more diverse and secure Internet experience for small, medium and large enterprises. 8/23/2015 2 CONFIDENTIAL All Rights Reserved

3 United States Belgium United Kingdom Germany France Spain Italy Russia Dubai Switzerland Sweden Canada Japan Korea China Hong Kong Singapore Australia Brazil Mexico India The SonicWALL Global Presence  25 offices around the world  Conducting business in over 50 countries 8/23/2015 3 CONFIDENTIAL All Rights Reserved

4 Policy and Management Business Continuity Network Security Network Security Content Security Content Security Market Convergence Vendor / Technology Convergence End User / Channel Convergence Content Security Network Security Business Continuity Policy and Management Inbound & Outbound Content Filtering Anti—Virus Anti-Spyware Anti-SPAM Unified Threat Management (Gateway AV, Anti-Spy, IPS) SSL-VPN Secure Backup and Recovery Compliance Patch Management Policy Creation Monitoring Reporting Management Comprehensive & Continuous Protection for our End-Users Predictable & Profitable Growth for our Channel Partners Comprehensive & Continuous Protection for our End-Users Predictable & Profitable Growth for our Channel Partners Keep Businesses Running Increase IT Productivity Manage Risks How it all fits together

5 Recent 5 Star Awards – Across 4 Major Product Categories UTM – Network Security SSL VPN – Remote Access Email Security Management 8/23/2015 5 CONFIDENTIAL All Rights Reserved

6 Gartner Magic Quadrant - 2010 © 2005 SonicWALL, Inc. All Rights Reserved - Confidential 6 Source: Gartner October 2010 Magic Quadrant for Unified Threat Management Appliances

7 CONFIDENTIAL All Rights Reserved 7 What’s a firewall? A firewall is a dedicated appliance which inspects network traffic passing through it, and denies or permits passage based on a set of rules. Wikipedia 8/23/2015

8 Typical Deployment 8/23/2015 8 CONFIDENTIAL All Rights Reserved

9 9 Why do I need a firewall?  To stop the wrong people getting into your network?  Identity theft is big business  Cabinet Office study – Cost of ID fraud to UK = £1.7Bn every year  FBI – 27.3 Million Americans have been victims costing $48Bn!  Personal data is everywhere  DOB+ Address + fake utility bill = You 2.0  C/Card details – Traded world wide  New standards like PCI require you to have one 8/23/2015

10 SonicWALL CONFIDENTIAL All Rights Reserved Networking Drivers & Trends 10 Technology Trends  Growth in real-time & Internet based applications & communication  SaaS / Web 2.0  Virtualization of services  Employees increasing utilize network services – productive and unproductive  High speed and available information sharing is critical  Increases in bandwidth and volume of traffic Business Drivers  Reduction in operating costs  Focus on TCO  Mobilization of the workforce  Compliance  Outsourcing growth  Gaining competitive advantage The Communications Landscape Is Rapidly Evolving

11 The Facts at Work 25% of employees do peer-to-peer file sharing at work Equifax, 2007 16% of men and 8% of women admit viewing pornography at work USA Today, 2007 25% of office internet traffic is non-business related Burst Media Survey, 2008 8/23/2015 11 CONFIDENTIAL All Rights Reserved

12 Networks Exposed to New Threats  130% – The increase in unique malware found in the wild from July to November of 2008 (Kaspersky Labs)  4.2 million – The number of URLs around the world that harbor Malware (Source: IT Pro, 2007)  Result – Trojans and malware now outnumber viruses in terms of risk to a network (Kaspersky Labs) 8/23/2015 12 CONFIDENTIAL All Rights Reserved

13 Why do I need a new type of Firewall?  Because the Cyber criminals have got smarter.  New and sneakier ways of getting in:  Trojans  Worms  Spyware  Botnets  Applications like Instant Messenger and Skype create a hole in your firewall.  Recently, the FBI noted that 98% of organizations use firewalls, but that 56% of them had still experienced unauthorized network access. 8/23/2015 13 CONFIDENTIAL All Rights Reserved

14 What Are Employees Doing?  Web surfing  Twitter, Facebook  Downloading files  Instant messaging  Streaming video  Web 2.0 applications  Playing games  Personal email 8/23/2015 14 CONFIDENTIAL All Rights Reserved

15 …and More Non-Traditional Malware The Prediction Malware specifically disguised as "benign social networking links" will be the top threat to data security in 2009. (Georgia Tech's Information Security Center Emerging Cyber Threats Report for 2009) The Reality Target: LinkedIn Set-up: Create bogus celebrity LinkedIn profiles Lure: Place link to celebrity “videos” in profile Attack: Download of “codec” required to view video Infect:Codec is actually Malware Result: System compromised (Gregg Keizer, Computerworld Jan 7, 2009) Beyonce Kirsten Dunst Christina Ricci Kate Hudson 8/23/2015 15 CONFIDENTIAL All Rights Reserved

16 SonicWALL CONFIDENTIAL All Rights Reserved New Risks The New Paradigm of Network Communications Brings New Risk

17 SonicWALL CONFIDENTIAL All Rights Reserved 2010 Challenges User Population Expanding App Usage Open Access to Internet Increase in “Unknown” Traffic Limited Control Over Content Security Required By Application  Threats Aren’t Decreasing  Increases in malware and malcode  Threats go invisible  Poor Application Visibility  Abundance of unknown application use  Ports are ineffective at blocking application use  Network misuse is rampant  Increased Network Complexity  Bandwidth efficiency is a top concern  Admins want to manage and control network traffic based on identity Ever-increasing thirst for Bandwidth Ever-increasing thirst for Bandwidth Network Use

18 SonicWALL CONFIDENTIAL All Rights Reserved Current Solutions Present Challenges  Network safeguards are changing with threats; As threats move up the OSI model, inspection must be more complete and scalable  Application visibility is paramount to overcome the next generation of threats and productivity issues  Siloed solutions are the current response due to performance but multi- layered protection is the future Current Traditional Firewall Threats Legacy System Access IDS/IDP Basic Applications Worms Application Access Application Layer Threats Proxy Software Vulnerabilities 1 1 2 3 Required Complete Inspection must span the communication spectrum

19 SonicWALL CONFIDENTIAL All Rights Reserved Next Generation Security Requirements 1. Consolidated & Integrated Security Technology  Covering a Wide Spectrum of Content-based, File-based & Application Layer Attacks 2. Application Visibility  Inspection of Real-time & Latency Sensitive Applications/Traffic 3. Scalable & High Performing  High Speed Protection Against Perimeter and Internal Network Challenges Solutions Multi-Tiered Protection Threats Legacy System Access Basic Applications Worms Application Access Application Layer Threats Software Vulnerabilities DPI Firewall IDP/IPS/File App Layer Real-time Prot. What Is the Ideal Solution for Next Generation Protection? Content Filter

20 Introducing SonicWALL’s UTM Firewall Appliances

21 SonicWALL CONFIDENTIAL All Rights Reserved Next Generation NSA Architecture 21 SonicWALL Solution Features 1. Consolidated & Integrated Security Technology 2. Application Visibility - Inspection of Real-time & Latency Sensitive Applications/Traffic 3. Scalable & High Performing Enough to Protect Against Perimeter and Internal Network Challenges Multi-Tiered Protection Technology 2010 Security Requirements Re-Assembly Free DPI (RFDPI) Multi-Core High Perf. Architecture

22 SonicWALL CONFIDENTIAL All Rights Reserved  Next-Generation Unified Threat Management  Application Visibility & Awareness with ReAssembly-Free DPI (RFDPI)  Revolutionary Multi-Core Performance for Ultimate Scalability  Best-In-Class Performance and Protection Introducing the SonicWALL NSA and NSA E-Class Series The SonicWALL® Network Security Appliance (NSA) Series - the first multi- core Unified Threat Management (UTM) platform that delivers application aware Unified Threat Management without compromising performance RFDPI Engine Architecture From the NSA240 through to the award winning E-Class E8500 with multi-Gigabit throughput

23 © 2005 SonicWALL, Inc. All Rights Reserved - Confidential 23 SonicWALL Network Security Appliance Features 23 2. Ultimate Connectivity  Secure IPSec Site-to-Site VPN Connectivity  Exceptional User Policy Control and Access to Resources  Wireless Mobility  Network Availability 1. Security Integration  Complete UTM Protection with Gateway Anti-Virus, Anti-Spyware and IDP  Next Generation Application Firewall  Content & Application Filtering  “Clean VPN” Protection 3. Reliability & Optimization  Highly Redundant Hardware – Power/Fans  One Point of Network Control  Business Application Prioritization & QoS  Integrated Server Load Balancing Feature-set 4. Flexible Deployments  Data Center, Campus & Department Network Applications  Transparent L2 Bridge Mode  Integrated Wireless Switch Deployment  Ease of Deployment & Management

24 SonicWALL Network Security Appliance Features  Multi-Function Security Integration  Complete Threat Protection with Intrusion Prevention & Anti- Malware/Virus/Spyware  Content Control & URL Filtering  Full “Enterprise” quality Integrated Anti-SPAM  Protect whole infrastructures such as StoneWare Access  Application Visibility  Integrated Application Firewall  Policy control over Applications, Application use & File Types  Ultimate Connectivity  “Clean VPN” Secure IPSec Site-to-Site VPN Connectivity, Clean Wireless, Wireless Switch / Controller  Exceptional User Policy Control and Access to Resources  Integrated Wireless Switch offer “Clean Wireless”  Reliability, Optimization & Flexibility  Highly Redundant Hardware – Power/Fans  Business Application Prioritization & QoS  Integrated Server Load Balancing Feature-set  Flexible Deployments branch office, corporate & department network Applications  Award winning: Deployment & Management Deep Packet Firewall Clean VPN Intrusion Prevention Anti-Malware Content Filtering Bandwidth Management Application Firewall Full Ant-SPAM Clean Wireless 8/23/2015 24 CONFIDENTIAL All Rights Reserved

25 SonicWALL CONFIDENTIAL All Rights Reserved Introducing SonicOS 5.8 25 SonicOS 5.8 Redefines Deployment & Management Simplicity and Functionality  Application Firewall Feature Set  High Availability with statesync  Integrated Load Balancing  Application Bandwidth Management  Single Sign On  Fully Dynamic GUI  And more…

26 True L7 Application Intelligence SonicWALL CONFIDENTIAL All Rights Reserved Standard with CGSS on all models from TZ210 upwards Real time application visibility and control of users / apps Fully customisable Fully integrated into UTM appliance Simple to manage

27 The answer is…Application Intelligence  Intelligence  Reassembly Free Deep Packet Inspection  Identify & categorise traffic by source / destination  Identify & categorise traffic by application (not just port / protocol)  Identify & categorise traffic by user / group (not just IP )  Control  Intelligence based policy enforcement  Application & content control with 3000+ applications  Application level bandwidth management  Visualisation  View network threats & trends in real time  View application traffic by users  View application bandwidth useage (ingress / egress) 8/23/2015 27 CONFIDENTIAL All Rights Reserved

28 The answer is… DPI – Reassmbly Free  Reassembly Free Deep Packet Inspection  Avoid Latency (no buffering)  Unique to SonicWALL  Deep packet Inspection  Doesn’t just check the list  It searches…Deep inside …the data packet  All SonicWALL firewalls are Deep Packet inspection Firewalls 8/23/2015 28 CONFIDENTIAL All Rights Reserved

29 Layer 7 Application Visibility and Control © 2010 SonicWALL, Inc. All Rights Reserved - Confidential 29

30 SonicWALL CONFIDENTIAL All Rights Reserved Deployment Flexibility Deployments: Central Site, Distributed Networks, Layer 2 Bridge, Wireless Switch, Real-Time Application Protection

31 SonicWALL CONFIDENTIAL All Rights Reserved Data Collection Protection Development Deployed Protection Data Collection 010101010101010010 101010101001010101 010010101010100101 010101010100101010 101010010101001010 10100 24x7 Security Team UTM Appliances  NSA Series SonicWALL GRID Network SonicWALL’s Global Response Internet Defense (GRID) Network works 24x7 by gathering and sharing security intelligence across all product platforms

32 Product Specifications

33 SonicWALL UTM product range No. of users 0 to 1010 to 2525 to 50 Model TZ 100/wTZ 200/wTZ 210/w Interfaces5 Ethernet 2 Gigabit/E + 4 Ethernet Throughput90 Mbps200 Mbps UTM Through25 Mbps35 Mbps50 Mbps VPN Site toSite 51015 Client IPSEC (max) 1 (25)2 (10)2 (25) Client SSL (max) 0 (5)2 (10) 50 to 7575 to 150150 to 300300 to 700 NSA 240NSA 2400NSA 3500NSA 4500 3 Gigabit/E + 6 Ethernet 6 Gigabit/E 600 Mbps775 Mbps1,5 Gbps2,75 Gbps 110 Mbps150 Mbps240 Mbps600 Mbps 25758001 500 2 (25)10 (250)50 (1 000)500 (3 000) 2 (15)2 (25)2 (30) 700 to 1000 1000 to 1500 1500 to 5000 NSA E5500NSA E6500NSA E7500 8 Gigabit/E 4 Gigabit/E + 4 Gigabit Fibre 4 Gbps4,5 Gbps5,6 Gbps 850 Mbps1,6 Mbps1,7 Gpbs 4 0006 00010 000 2 000 (4 000)2 000 (6 000)2 000 (10 000) 2 (50) SMB Mid-Market Enterprise 8/23/201533

34 SonicWALL NEW UTM Appliance 8/23/2015 34 CONFIDENTIAL All Rights Reserved Featuring : 4 Gigabit/E + 4SFP Interfaces 8 GB Stateful Inspection throughput 2.2GB UTM throughput SonicWALL NSA E8500 UTM Appliance

35 SonicWALL CONFIDENTIAL All Rights Reserved 35 NSA Series NSA 5000NSA 4500NSA 3500NSA 2400 MXNSA 2400NSA 240 SonicOS Version Enhanced 5.8 Interfaces 6GE 16 GE6GE Stateful Firewall Throughput 1.8 Gbps2.75 Gbps1.5 Gbps775 Mbps 600 Mbps UTM Throughput 1.2 Gbps600 Mbps240 Mbps150 Mbps 110 Mbps UTM GAV Throughput 500 Mbps690 Mbps350 Mbps160 Mbps 115 Mbps UTM IPS Throughput 680 Mbps1.4 Gbps750 Mbps275 Mbps 195 Mbps 3DES / AES VPN Performance 350 Mbps1.0 Gbps625 Mbps300 Mbps 150 Mbps RAM 1GB512 MB 1GB SSL-VPN Future SonicOS HA A/P w/Statesync

36 E-Series Solution Statistics NSA E8500*NSA E7500*NSA E6500*NSA E5500* Node CountUnrestricted SonicOS VersionSonicOS Enhanced 5.8 Multi-Core16 Core16 Core 600Mhz16 Core 550Mhz8 Core 550Mhz Interfaces (4) 10/100/1000 Copper Gigabit Ports, (4) SFP Ports, 1 Gbe HA port (8) 10/100/1000 Copper Gigabit Ports, 1Gbe HA port Stateful Firewall Throughput8 Gbps5.6 Gbps5 Gbps3.9 Gbps UTM Throughput 2.2 Gbps1.7 Gbps1.59 Gbps850 Mbps UTM GAV Throughput2.25 Gbps1.84 Gbps1.69 Gbps1.0 Gbps UTM IPS Throughput3.7 Gbps2.58 Gbps2.3 Gbps2.0 Gbps 3DES/ AES VPN Performance4 Gbps3 Gbps2.7 Gbps1.7 Gbps Power SuppliesDual Hot Swappable Single Power Supply Cooling System (Fans)Dual Hot Swappable Visual Information DisplayYes Console PortYes Modular ExpandabilityYes (Future Use) * These are preliminary numbers subject to change // UTM, GAV, IPS tests performed using industry standard Spirent WebAvalance HTTP performance test

37 SonicWALL CONFIDENTIAL All Rights Reserved Next Generation Protection, Today 1. The NSA and E-Class Series Integrates Security To Cover The Widest Spectrum of Content-based, File-based & Application Layer Attacks 2. The NSA and E-Class Series Is Designed to Increase Application Visibility - Delivering Real-time & Latency Sensitive Applications/Traffic For Future Proofed Investment 3. The NSA and E-Class Series Is the Most Highly Performing & Scalable Solution In Class The Industry’s First Multi-core UTM Appliance delivering application visibility & deep packet inspection without significantly impacting network throughput

38 Competition

39 SonicWALL CONFIDENTIAL All Rights Reserved Better Protection & Performance Solutions Are Not Created Equal Deeper Inspection & Greater Performance * Competitive data obtained from vendor datasheet.

40 Better Protection & Performance Solutions Are Not Created Equal Deeper Inspection & Greater Performance

41 General USP’s  Total-protection – (GAV/IPS/Anti-Spyware) + AppF  Connectivity Fail-Over (W/W – UMTS)  Certified & Standards based – EAL4+  Price/Quality!  Distributed environments (many locations)  10% extra discount for government / schools  Secure Wireless Connectivity  Filtering on internet use (Content Filtering)  Offer support and licenses included

42 WHAT TO FIND – WHERE?  3 main resources:  www.sonicwall.com www.sonicwall.com  https://partnerlink.sonicwall.com/emea/ https://partnerlink.sonicwall.com/emea/  www.mysonicwall.com www.mysonicwall.com

43

44

45

46

Download ppt "SonicWALL UTM Firewall Overview November 2010 Andy Barrow SonicWALL Product Manager +44 1753 797944."

Similar presentations

Palo Alto Networks Jay Flanyak Channel Business Manager

Palo Alto Networks Jay Flanyak Channel Business Manager
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Network Basics.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Network Basics.
(c) 2003, SOHOware, Inc. Proprietary and Confidential Your OEM Partner for Intel XScale based Networking Appliances Targeting Small and Medium Business.

(c) 2003, SOHOware, Inc. Proprietary and Confidential Your OEM Partner for Intel XScale based Networking Appliances Targeting Small and Medium Business.
Introducing New Additions to ProSafe Advanced Smart Switch Family: GS724TR and GS748TR (ProSafe 24 and 48-port Gigabit Smart Switches with Static Routing)

Introducing New Additions to ProSafe Advanced Smart Switch Family: GS724TR and GS748TR (ProSafe 24 and 48-port Gigabit Smart Switches with Static Routing)
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
RSA Media & Analyst Briefing March 2-4, 2010. The CxOs Balancing Act Changing World, Changing Priorities, Increasing Danger 2 Changing WorldBusiness Priorities.

RSA Media & Analyst Briefing March 2-4, The CxOs Balancing Act Changing World, Changing Priorities, Increasing Danger 2 Changing WorldBusiness Priorities.
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 High-performance Gigabit Ethernet ports rapidly transfer large files supporting.

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 High-performance Gigabit Ethernet ports rapidly transfer large files supporting.
Bucharest, July 31, 2012 | Bitdefender 2012 Cloud Security for Endpoints Customer Presentation.

Bucharest, July 31, 2012 | Bitdefender 2012 Cloud Security for Endpoints Customer Presentation.
Solutions Road Show 2014 March’ 2014 | India Protection from Next Gen Threats Pralobh Menon Sales Engineer DELL SonicWALL (South) Pralobh Menon Dell India.

Solutions Road Show 2014 March’ 2014 | India Protection from Next Gen Threats Pralobh Menon Sales Engineer DELL SonicWALL (South) Pralobh Menon Dell India.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
MSIT 458: Information Security & Assurance By Curtis Pethley.

MSIT 458: Information Security & Assurance By Curtis Pethley.
It’s A New World. CONFIDENTIAL All Rights Reserved 2 The Business Impact Most of your network traffic will be coming from outside the private network.

It’s A New World. CONFIDENTIAL All Rights Reserved 2 The Business Impact Most of your network traffic will be coming from outside the private network.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.
1 Cost-Effective Strategies for Countering Security Threats: IPSEC, SSLi and DDoS Mitigation Bruce Hembree, Senior Systems Engineer A10 Networks.

1 Cost-Effective Strategies for Countering Security Threats: IPSEC, SSLi and DDoS Mitigation Bruce Hembree, Senior Systems Engineer A10 Networks.
Challenges in Network Security 2011 SonicWALL Inc.

Challenges in Network Security 2011 SonicWALL Inc.

Similar presentations

Ads by Google