Transcription
SonicWall Gen 7 NSa SeriesSonicWall Generation 7 (Gen 7) Network SecurityAppliance (NSa QH[W JHQHUDWLRQ ƮUHZDOOV 1*):V RƬHUV medium- to large-sized enterprises industry-leadingperformance at the lowest total cost of ownershipin their class.With comprehensive security features such as intrusionprevention, VPN, application control, malware analysis,85/ ƮOWHULQJ '16 6HFXULW\ *HR ,3 DQG %RW QHW VHUYLFHV LW{SURWHFWV WKH SHULPHWHU IURP DGYDQFHG WKUHDWV ZLWKRXW becoming a bottleneck.HIGHLIGHTS 1 RU – Form Factor Support for 40G/25G/10G/5G/2.5G/1G ports Multi-gigabit Threat and MalwareAnalysis Throughput Superior TLS performance (sessionsand throughput) Expandable storage Enterprise Internet Edge Ready Latest Generation 7 SonicOS support Secure SD-WAN capability Intuitive single pane of glass management TLS 1.3 support Best-in-class price-performance Fast DPI performance Low TCO in its class High port density for easy networking SonicWall Switch, SonicWave Access PointDQG{&DSWXUH &OLHQW LQWHJUDWLRQ Redundant powerGen 7 NSa Series Spec Preview. View full specs »Up to19 GbpsUp to8 Million40G/25G/10G/5G/2.5G/1GThreat PreventionThroughputConnectionsPortsDATASHEETFind the right SonicWall solution foryour enterprise:sonicwall.com/products
Featuring a high port densityincluding multiple 40 GbEand 10 GbE ports, thesolution supports networkand hardware redundancywith high availability, anddual power supplies.SonicWall Generation 7 (Gen 7) Network Security Appliance(NSa QH[W JHQHUDWLRQ ƮUHZDOOV 1*):V RƬHUV PHGLXP WR large-sized enterprises industry-leading performance at thelowest total cost of ownership in their class.With comprehensive security features such as intrusionprevention, VPN, application control, malware analysis,85/ ƮOWHULQJ '16 6HFXULW\ *HR ,3 DQG %RW QHW VHUYLFHV it protects the perimeter from advanced threats withoutbecoming a bottleneck.The Gen 7 NSa Series has been built from the ground upwith the latest hardware components, all designed to delivermulti-gigabit threat prevention throughput — even forHQFU\SWHG WUDƱF )HDWXULQJ D KLJK SRUW GHQVLW\ LQFOXGLQJ multiple 40 GbE and 10 GbE ports, the solution supportsnetwork and hardware redundancy with high availability,DQG{GXDO SRZHU VXSSOLHV Generation 7 – SonicOS 7.0and Security ServicesThe Gen 7 NSa Series runs on SonicOS 7.0, a new operatingsystem built from the ground up to deliver a modernXVHU LQWHUIDFH LQWXLWLYH ZRUNưRZV DQG XVHU ƮUVW GHVLJQ principles. SonicOS 7.0 provides multiple features designedWR IDFLOLWDWH HQWHUSULVH OHYHO ZRUNưRZV ,W RƬHUV HDV\ Built to mitigate the advanced cyberattacks of today andtomorrow, the Gen 7 NSa 6HULHV RƬHUV DFFHVV WR 6RQLF:DOOoV DGYDQFHG ƮUHZDOO VHFXULW\ VHUYLFHV DOORZLQJ \RX WR SURWHFW SROLF\ FRQƮJXUDWLRQ ]HUR WRXFK GHSOR\PHQW DQG ưH[LEOH your entire IT infrastructure. Solutions and services suchERWK WKHLU VHFXULW\ DQG RSHUDWLRQDO HƱFLHQF\ Protection (ATP) cloud-based sandboxing, Real-Time Deepmanagement — all of which allow enterprises to improveThe Gen 7 NSa Series supports advanced networkingfeatures, such as SD-WAN, dynamic routing, layer 4-7as Cloud Application Security, Capture Advanced ThreatMemory Inspection (RTDMI ) and Reassembly-Free Deep3DFNHW ,QVSHFWLRQ 5)'3, t IRU DOO WUDƱF LQFOXGLQJ 7/6 high-availability and high-speed VPN functionality. t RƬHU FRPSUHKHQVLYH JDWHZD\ SURWHFWLRQ IURP PRVW the appliance provides a single-pane-of-glass interface toencrypted threats.,Q{DGGLWLRQ WR LQWHJUDWLQJ ƮUHZDOO DQG VZLWFK FDSDELOLWLHV manage both switches and access points.2 SonicWall Gen 7 NSa Seriesstealthy and dangerous malware, including zero-day and
DeploymentsThe Gen 7 NSa Series has two main deployment options for medium and distributed enterprises:Internet Edge DeploymentIn this standard deployment option, the Gen 7 NSa Series1*): SURWHFWV SULYDWH QHWZRUNV IURP PDOLFLRXV WUDƱF Service Providercoming from the internet, allowing you to: ISPDeploy a proven NGFW solution with highest performanceand port density (including 40 GbE and 10 GbEconnectivity) in its class RouterSwitch*DLQ YLVLELOLW\ DQG LQVSHFW HQFU\SWHG WUDƱF LQFOXGLQJ 7/6 to block evasive threats coming from the Internet — all withoutcompromising performance Internet EdgeNGFWProtect your enterprise with integrated security, includingPDOZDUH DQDO\VLV FORXG DSS VHFXULW\ 85/ ƮOWHULQJ DQG reputation services SwitchSwitchCampus/PrivateEdge NetworkSave space and money with an integrated NGFW solution thatincludes advanced security and networking capabilities DMZ NetworkPrivate Network5HGXFH FRPSOH[LW\ DQG PD[LPL]H HƱFLHQF\ XVLQJ D FHQWUDO management system delivered through an intuitive single-paneof-glass user interfaceMedium and Distributed EnterprisesThe SonicWall Gen 7 NSa Series supports SD-WAN and and distributed enterprises. This deployment allows FDQ EH FHQWUDOO\ PDQDJHG PDNLQJ LW DQ LGHDO ƮW IRU PHGLXP organizations to: Future-proof against an ever-changing threat landscapeby investing in a NGFW with multi-gigabit threatanalysis performanceProvide direct and secure internet access to distributed branchRƱFHV LQVWHDG RI EDFN KDXOLQJ WKURXJK FRUSRUDWH KHDGTXDUWHUV OORZ GLVWULEXWHG EUDQFK RƱFHV WR VHFXUHO\ DFFHVV LQWHUQDO UHVRXUFHV LQ FRUSRUDWH KHDGTXDUWHUV RU LQ D SXEOLF FORXG VLJQLƮFDQWO\ LPSURYLQJ DSSOLFDWLRQ ODWHQF\Automatically block threats that use encrypted protocols such asTLS 1.3, securing networks from the most advanced attacks.5HGXFH FRPSOH[LW\ DQG PD[LPL]H HƱFLHQF\ XVLQJ D FHQWUDO management system delivered through an intuitive single pane ofglass user interfaceLeverage high port density that includes 40 GbE and 10GbE connectivity to support a distributed enterprise andwide area networksGuestDirect Internet AccessInternetSD-WANBranchOfficeInternal ResourceAccessSonicWall Next Generation Firewall3 SonicWall Gen 7 NSa SeriesSD-WANEnterpriseHeadquartersSonicWall Next Generation Firewall
SonicWall Gen 7 NSa SeriesNSa 2700Console16 x 1-GbEPort1 GbE MgmtPorts3 x 10-GbE SFP/USB 3.0SFP PortsportsPowerButtonOptional RedundantPower AdapterPowerAdapterNSa 3700Console4 x 5-GbEPort1 GbE MgmtUSB 3.024 x 1-GbEPortsPortsPower6 x 10-GbE SFP/ButtonSFP PortsportsOptional RedundantPower AdapterDualFans4 SonicWall Gen 7 NSa SeriesPowerAdapter
SonicWall Gen 7 NSa Series Cont’dNSa 4700Console24 x 1-GbEPort1 GbE MgmtUSB 3.0PortsPower6 x 10G/5G/2.5G/1GButtonSFP PortsportsRedundantFansOptional RedundantPower Adapter128GB Built-inStoragePowerStorage ExpansionAdapterSlot (Up to 1TB)NSa 5700ConsolePort1 GbE MgmtUSB 3.02 x 10G/5G/2.5G/1GCu Ports24 x 1-GbEPortsPower6 x 10G/5G/2.5G/1GButtonSFP PortsPortsRedundantFansOptional RedundantPower Adapter128GB Built-inStorageStorage ExpansionSlot (Up to 1TB)5 SonicWall Gen 7 NSa SeriesPowerAdapter
SonicWall Gen 7 NSa Series Cont’dNSa 6700ConsolePort1 GbE MgmtUSB 3.0ports8 x 25-GbEPorts4 x 10/5/2.5/1GbE Cu Ports2 x 40-GbEQSFP 16 x 1-GbEPortsPower4 x 10/5/2.5/1 GbEButtonSFP/SFP PortsPortsRedundantFansOptional RedundantPower Adapter256GB Built-inStorageStorage ExpansionSlot (Up to 1TB)PowerAdapterPARTNER ENABLED SERVICESNeed help to plan, deploy or optimizeyour SonicWall solution? SonicWallAdvanced Services Partners are trained toprovide you with world class professionalservices. Learn more at:www.sonicwall.com/PES6 SonicWall Gen 7 NSa Series
Gen 7 NSa 6HULHV 6\VWHP 6SHFLƮFDWLRQVFirewallNSa 2700NSa 3700Operating systemInterfacesStorageExpansionLogical VLAN and tunnelinterfaces (maximum)SSO UsersAccess points supported(maximum)NSa 4700NSa 5700NSa 67006x10G/5G/2.5G/1G(SFP ); 2x10G/5G/2.5G/1G(Cu); 24 x 1GbE Cu2 USB 3.0, {&RQVROH 1 Mgmt. port2x40G; 8x25G,4 x10G/5G/2.5/1GSFP , 4 x10G/5G/2.5G/1G(Cu); {[ *E( &X 2 USB 3.0, {&RQVROH 1 Mgmt. portSonicOS 724x1GbE,6x10G SFP ,4x5G SFP ,2 USB 3.0,1 Console, {0JPW SRUW16x1GbE,3x10G SFP ,2 USB 3.0,1 Console,1 Mgmt. port64GB M.2128GB M.26x10G/5G/2.5G/1G(SFP ); [ *E({&X2 USB 3.0,1 Console,1 Mgmt. port128GB128GB256GB M.2Storage ExpansionSlot (Up to 256GB)Storage ExpansionSlot (Up to 256GB)Storage ExpansionSlot (Up to 1TB)Storage ExpansionSlot (Up to 1TB)Storage ExpansionSlot (Up to 232512512512Firewall/VPN PerformanceFirewall inspection throughputǂ5.2 GbpsApplication inspectionthroughputǃ3.0 Gbps3.5 Gbps9.5 Gbps15 Gbps19 Gbps3.6 Gbps4.2 Gbps11 Gbps18 Gbps20 Gbps3.4 Gbps3.8 Gbps10 Gbps17 Gbps20 Gbps2.9 Gbps3.5 Gbps9.5 Gbps16 Gbps18.5 Gbps800 Mbps850 Mbps5 Gbps7 Gbps9 GbpsIPSec VPN throughputDŽ2.10 Gbps2.2 Gbps11 Gbps15 Gbps19 GbpsMaximum Connections Maximum connections at Prevention throughputǃIPS throughputǃAnti-malware inspectionthroughputǃTLS/SSL inspection anddecryption throughput (DPI SSL)ǃConnections per secondMAX DPI-SSL ConnectionsVPNSite-to-site VPN tunnelsIPSec VPN clients (max)SSL VPN licenses (max)Encryption/AuthenticationKey exchangeRoute-based VPN&HUWLƮFDWH VXSSRUWVPN featuresGlobal VPN client platformssupportedNetExtenderMobile ConnectSecurity servicesDeep Packet Inspection servicesContent Filtering Service (CFS)7 SonicWall Gen 7 NSa Series5.5 Gbps21,500125,0002,00050 (1000)2 (500)18 Gbps22,500150,0003,000115,000350,0004,00050 (1000)500 (3000)2 (500)2 (1000)28 Gbps228,000350,0006,0002000 (4000)2 (1500)DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B Cryptography36 Gbps228,000750,0006,0002000 (6000)2 (1500)'LƱH HOOPDQ *URXSV YRIP, OSPF, BGPVerisign, Thawte, Cybertrust, RSA Keon, Entrust and Microsoft CA for SonicWall-to-SonicWall VPN, SCEPDead Peer Detection, DHCP Over VPN, IPSec NAT Traversal, Redundant VPN Gateway, Route-based VPNWindows 10Windows 10 and LinuxApple iOS, Mac OS X, Android, KindleFire, Chrome OS, Windows 10Microsoft Windows Vista 32/64-bit, Windows 7 32/64-bit,:LQGRZV ELW :LQGRZV{ { ELW :LQGRZV Microsoft Windows Vista 32/64-bit, Windows 7, Windows8.0 32/64-bit, Windows 8.1 32/64-bit, Mac OS X 10.4 ,/LQX[{)& 8EXQWX 2SHQ686(Apple iOS, Mac OS X, Google Android , Kindle Fire,Chrome, Windows 8.1 (Embedded)Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, DPI SSL 773 85/ 7736 ,3 NH\ZRUG DQG FRQWHQW VFDQQLQJ &RPSUHKHQVLYH ƮOWHULQJ EDVHG RQ ƮOH W\SHV VXFK{DV FWLYH; -DYD &RRNLHV IRU SULYDF\ DOORZ IRUELG OLVWV
Gen 7 NSa 6HULHV 6\VWHP 6SHFLƮFDWLRQVFirewallNSa 2700NSa 3700NSa 4700Comprehensive Anti-SpamServiceNSa 5700NSa 6700SupportedApplication VisualizationYesCapture Advanced ThreatProtectionYesApplication ControlYesNetworkingIP address assignmentNAT modesRouting protocolsQoSAuthenticationLocal user databaseVoIPStandardsStatic (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP relay PDQ\ PDQ\ PDQ\ PDQ\ ưH[LEOH 1 7 RYHUODSSLQJ ,3V 3 7 WUDQVSDUHQW PRGHBGP4, OSPF, RIPv1/v2, static routes, policy-based routingBandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1e (WMM)LDAP (multiple domains), XAUTH/RADIUS, TACACS , SSO, Radius accounting NTLM,internal user database, 2FA, Terminal Services, Citrix, Common Access Card (CAC)10001000SupportedHigh availabilityActive/Passive with stateful synchronizationHardwarePower supplyMaximum power consumption (W)Redundant Power SupplyTotal heat dissipationDimensionsWeightWEEE weightShipping weightEnvironment (Operating/Storage)HumidityRegulatoryRegulatory model numbersMajor regulatory compliance160W108.1100-240 VAC, 50-60 Hz123.78 BTU368.62 BTU22 (removable)128.1139.2350W436.82 BTU350W474.67 BTU43 x 32.5 x 4.5 (cm)16.9 x 12.8 x 1.8 in43 x 32.5 x 4.5 (cm)16.9 x 12.8 x 1.8 in43 x 46.5 x 4.5 (cm)16.9 x 18.1 x 1.8 in43 x 46.5 x 4.5 (cm)16.9 x 18.1 x 1.8 in43 x 46.5 x 4.5 (cm)16.9 x 18.1 x 1.8 in4.2 kg / 9.3 lbs4.8 kg / 10.6 lbs9.6 Kg9.6 Kg9.9 Kg4.0 kg / 8.8 lbs6.4 kg / 14.1 lbs4.6 kg / 10.2 lbs7.8 Kg7.8 Kg8.1 Kg7 kg / 15.4lbs13.5 Kg13.5 Kg13.8 Kg5-95%non-condensing5-95%non-condensing0-90% R.Hnon-condensing0-90% R.Hnon-condensing0-90% 1161RK54-11832 -105 F (0 -40 C)/-40 to 158 F (-40 to 70 C)FCC Class A, CE (EMC, LVD, RoHS), C-Tick, VCCI Class A, MSIP/KCC Class A, UL, cUL,TUV/GS, CB, Mexico CoC by UL, WEEE , REACH, ANATEL, BSMI2 7 KUHDW 3UHYHQWLRQ *DWHZD\ 9 QWL 6S\ ZDUH ,36 WKURXJKSXW PHDVXUHG XVLQJ LQGXVWU \ VWDQGDUG .H\VLJKW 773 SHUIRUPDQFH WHVW WRROV 7HVWLQJ GRQH ZLWK PXOWLSOH IORZV WKURXJK PXOWLSOH SRUW SDLUV 7KUHDW 3UHYHQWLRQ WKURXJKSXW PHDVXUHG ZLWK *DWHZD\ 9 QWL 6S\ ZDUH ,36 DQG SSOLFDWLRQ &RQWURO HQDEOHG SonicWall Gen 7 NSa Series350W36.3Testing Methodologies: Maximum performance based on RFC 2544IRU{ILUHZDOO FWXDO{SHUIRUPDQFH PD\ YDU \ GHSHQGLQJ RQ QHWZRUN FRQGLWLRQV DQG DFWLYDWHG{VHU YLFHV 2 (removable)90W21.573.32 BTU1U Rack Mountable2183200FIPS 140-2 (with Suite B), UC APL, IPv6 (Phase 2), ICSA Network Firewall,ICSA Anti-virus, Common Criteria NDPP (Firewall and IPS)Common Access Card (CAC)Fans2500TCP/IP, UDP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3&HUWLƮFDWLRQV SHQGLQJForm factor2500Full H323-v1-5, SIP3 9 31 WKURXJKSXW PHDVXUHG ZLWK 8'3 WUDIILF XVLQJ E\ WH SDFNHW VL]H (6*0 & (QFU \SWLRQ DGKHULQJ WR 5)& OO VSHFLILFDWLRQV IHDWXUHV DQG DYDLODELOLW\ DUH VXEMHFW WR FKDQJH
SonicOS 7.0 Feature SummaryFirewall Stateful packet inspectionReassembly-Free DeepPacket InspectionDDoS attack protection (UDP/,&03 6 1 ưRRGIPv4/IPv6 supportBiometric authenticationfor remote accessDNS proxyFull API supportSonicWall Switch integrationSD-WAN scalabilitySD-WAN Usability Wizard1Connections scalability(SPI, DPI, DPI SSL)Enhanced dashboard1Enhanced device view 7RS WUDƱF DQG XVHU VXPPDU\ Insights to threats1RWLƮFDWLRQ FHQWHU TLS/SSL/SSH decryptionand inspection TLS 1.3 with enhanced security1 Deep packet inspectionfor TLS/SSL/SSHInclusion/exclusion of objects, groupsor hostnamesSSL controlEnhancements for DPI-SSL with CFS Granular DPI SSL controls per zone or rule Real-Time Deep Memory Inspection Capture advanced threat protection²Cloud-based multi-engine analysis²Virtualized sandboxingHypervisor level analysisFull system emulation%URDG ƮOH W\SH H[DPLQDWLRQAutomated and manual submissionSignature-based scanning Granular IPS rule capability9Bi-directional inspectionGeoIP enforcement SonicWall Gen 7 NSa SeriesRegular expression matchingStream-based malware scanning Gateway anti-virus Bi-directional inspection Gateway anti-spyware1R ƮOH VL]H OLPLWDWLRQ Cloud malware Application reporting over NetFlow/IPFIXComprehensive applicationsignature databaseUser activityApplication/bandwidth/threat usageCloud-based analytics 85/ ƮOWHULQJ Keyword blocking Proxy avoidance3ROLF\ EDVHG ƮOWHULQJ (exclusion/inclusion)HTTP header insertionBandwidth manage CFSrating categories8QLƮHG SROLF\ PRGHO ZLWK DSS FRQWURO Content Filtering ClientVPNSecure SD-WAN Auto-provision VPN SSL VPN and IPSecclient remote access VLAN trunking Layer-2 QoS Enhanced loggingPort mirroring (SonicWall Switch)Port securityDynamic routing (RIP/OSPF/BGP)Data leakage preventionHTTP/HTTPS WebFRQWHQW ƮOWHULQJǃ 7UDƱF YLVXDOL]DWLRQ DQG DQDO\WLFV Path MTU discovery NATCustom application signature creation -XPER IUDPHV PortShieldApplication bandwidth managementApplication control SonicWall wireless controller Networking SSOLFDWLRQ LGHQWLƮFDWLRQǃCapture Client²Automatic signature updates Block until verdict%RWQHW ƮOWHULQJ ZLWK G\QDPLF OLVWAnti-malwareǃ Real-time threat intelligence updates²Intrusion preventionǃ IPSec VPN for site-to-site connectivityRedundant VPN gatewayMobile Connect for iOS, Mac OSX, Windows, Chrome, Androidand Kindle FireRoute-based VPN (OSPF, RIP, BGP) Policy-based routing (ToS/metric and ECMP)DHCP serverBandwidth management A/P high availability with state sync High availability - Active/Standby withstate sync Inbound/outbound load balancingL2 bridge, wire/virtual wire mode, tapmode, NAT modeAsymmetric routingCommon Access Card (CAC) supportVoIP Granular QoS control '3, IRU 9R,3 WUDƱF Bandwidth managementH.323 gatekeeper andSIP proxy supportManagement, monitoringand support Capture SecurityAppliance (CSa) supportCapture Threat Assessment (CTA) v2.0 New design or template New UI/UX, Intuitive feature layout1 Industry and globalaverage comparisonDashboardDevice information, application, threats Topology view 6LPSOLƮHG SROLF\ creation and managementPolicy/Objects usage statistics1Used vs Un-used Active vs Inactive Storage support1 Global search for static data
Authorized Distributor :HQ Office (KL)SecureOne Distribu on Sdn Bhd (828358 - X)Northern OfficeSecureOne Distribu on (Northern) Sdn Bhd (977172 - H)Tel: 6(03) 7984 6086 Fax: 6(03) 7984 6032Email: sales@secureone.com.myTel: 6(04) 619 2692 Fax: 6(04) 619 2699Email: northern@secureone.com.myNo.7, Jalan 109E, Desa Business Park,Taman Desa, Jalan Kelang Lama,58100 Kuala Lumpur, Malaysia.1A-2-02 @ One Precint (1160),Lengkok Mayang Pasir,11950 Bayan Baru, Penang, Malaysia.www.secureone.com.my
The Gen 7 NSa Series has two main deployment options for medium and distributed . SSL VPN licenses (max) 2 (500) 2 (500) 2 (1000) 2 (1500) 2 (1500) . Thawte, Cybertrust, RSA Keon, Entrust and Microsoft CA for SonicWall-to-SonicWall VPN, SCEP VPN features Dead Peer Detection, DHCP Over VPN, IPSec NAT Traversal, Redundant VPN Gateway, Route .
