SonicWALL Network Security Appliance (NSA) Series - Medialine

Transcription

SonicWALL Network SecurityAppliance (NSA) SeriesIndustry-validated security effectiveness and performance formid-sized networksThe Dell SonicWALL Network SecurityAppliance (NSA) series providesmid-sized networks, branch officesand distributed enterprises withadvanced threat prevention in ahigh-performance security platform.Combining next-generation firewalltechnology with our patented*Reassembly-Free Deep PacketInspection (RFDPI) engine on amulti-core architecture, the NSA seriesoffers the security, performance andcontrol organizations require.Superior threat preventionand performanceNSA series next-generation firewalls(NGFWs) integrate a series of advancedsecurity technologies to deliver asuperior level of threat prevention.Our patented single-pass RFDPIthreat prevention engine examinesevery byte of every packet, inspectingboth inbound and outbound trafficsimultaneously. The NSA seriesleverages on-box capabilities includingintrusion prevention, anti-malware andweb/URL filtering in addition to cloudbased services such as CloudAV andDell SonicWALL Capture multi-enginesandboxing to block zero-day threatsat the gateway. Unlike other securityproducts that cannot inspect large filesfor hidden threats, NSA firewalls scanfiles of any size across all ports andprotocols. The security architecturein Dell SonicWALL NGFWs has beenvalidated as one of the industry’s bestfor security effectiveness by NSS Labswhich awarded Dell SonicWALL its“Recommended” rating for the fourthconsecutive year.Going beyond intrusion prevention,anti-malware and web filtering, DellSonicWALL NGFWs provide a furtherlevel of protection by decryptingand inspecting SSL/TLS encryptedweb traffic for hidden threats in realtime. With the continued growth ofencrypted web traffic, organizationsare effectively blind to an estimatedone-third of their network traffic.This makes SSL/TLS decryption andinspection a critical component of anysecurity solution.When organizations activate deeppacket inspection functions such asintrusion prevention, anti-virus, antispyware, SSL decryption/inspectionand others on their firewalls networkperformance often slows down,sometimes dramatically. NSA seriesfirewalls feature a multi-core hardwarearchitecture that utilizes specializedsecurity microprocessors. Combinedwith our RFDPI engine, this uniquedesign eliminates the performancedegradation networks experience withother firewalls.In today’s security environment it’s notenough to rely on solely on outsideparties for threat information. That’swhy Dell SonicWALL formed its ownin-house threat research team morethan 15 years ago. This dedicatedteam gathers, analyzes and vets datafrom over one million sensors in itsGlobal Response Intelligent Defense(GRID) network. Dell SonicWALL alsoparticipates in industry collaborationefforts and engages with threatresearch communities to gatherand share samples of attacks andvulnerabilities. This shared threatintelligence is used to developreal-time countermeasures thatare automatically deployed to ourcustomers’ firewalls.*U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,361; 7,991,723Benefits:Superior threat prevention andperformance Patented reassembly-free deeppacket inspection technology On-box and cloud-basedthreat prevention SSL/TLS decryption andinspection Industry-validated securityeffectiveness Multi-core hardware architecture Dedicated in-house threatresearch teamNetwork control and flexibility Powerful SonicOSoperating system Application intelligenceand control Network segmentationwith VLANs Wireless network securityEasy deployment, setup andongoing management Tightly integrated solution Centralized management Scalability through multiplehardware platforms Low total cost of ownership

Network control and flexibilityFor organizations that requireadvanced flexibility in their networkdesign, SonicOS offers the tools tosecurely segment the network throughthe use of virtual LANs (VLANs) whichenable network administrators tocreate a virtual LAN interface thatallows for network separation into oneor more logical groups. Administratorscreate rules that determine the level ofcommunication with devices onother VLANs.At the core of the NSA series is SonicOS,Dell SonicWALL’s feature-rich operatingsystem. SonicOS provides organizationswith the network control and flexibilitythey require through applicationintelligence and control, real-timevisualization, an intrusion preventionsystem (IPS) featuring sophisticatedanti-evasion technology, high-speedvirtual private networking (VPN) andother robust security features.Built into every NSA series firewall is awireless access controller that enablesorganizations to extend the networkperimeter securely through the useof wireless technology. Together, DellSonicWALL firewalls and SonicPoint802.11ac wireless access points createa wireless network security solutionthat combines industry-leading nextgeneration firewall technology withhigh-speed wireless for enterprise-classnetwork security and performanceacross the wireless network.Using application intelligence andcontrol, network administrators canidentify and categorize productiveapplications from those that areunproductive or potentially dangerous,and control that traffic throughpowerful application-level policies onboth a per-user and a per-group basis(along with schedules and exceptionlists). Business-critical applicationscan be prioritized and allocatedmore bandwidth while non-essentialapplications are bandwidth-limited.Real-time monitoring and visualizationprovides a graphical representationof applications, users and bandwidthusage for granular insight into trafficacross the network.Easy deployment, setup andongoing managementLike all Dell SonicWALL firewalls,the NSA series tightly integratesIPS with soanti-e phiva ssSan SLdPatentedsingle passRFDPIengineptioncry tionde specintedacti nio-NnstNmetial t w onasiw a rk-b a s e dsare wit h c l o u dexti ot-gneenevre r atpi o n t h r e atkey security, connectivity andflexibility technologies into a single,comprehensive solution. This includesSonicPoint wireless access points andthe Dell SonicWALL WAN AccelerationAppliance (WXA) series, both ofwhich are automatically detectedand provisioned by the managingNSA firewall. Consolidating multiplecapabilities eliminates the need topurchase and install point productsthat don’t always work well together.This reduces the effort it takes todeploy the solution into the networkand configure it, saving both timeand money.Ongoing management and monitoringof network security are handledcentrally through the firewall orthrough the Dell SonicWALL GlobalManagement System (GMS), providingnetwork administrators with a singlepane of glass from which to manage allaspects of the network. Together, thesimplified deployment and setup alongwith the ease of management enableorganizations to lower their total costof ownership and realize a high returnon investment.

Network Security Appliance 2600Network Security Appliance 3600/4600The Dell SonicWALL NSA 2600 is designed to address theneeds of growing small organizations, branch offices andschool campuses.The Dell SonicWALL NSA 3600/4600 is ideal for branchoffice and small- to medium-sized corporate environmentsconcerned about throughput capacity and performance.DualUSB portsConsole8 x 1GbEportsExpansionmoduleDual2 x 10GbEUSB ports SFP ports1GbEmanagementConsoleDual fansPowerExpansion bayfor future use12 x 1GbEports1GbE4 x 1GbEmanagement SFP portsDual fansPowerFirewallNSA 2600FirewallNSA 3600NSA 4600Firewall throughput1.9 GbpsFirewall throughput3.4 Gbps6.0 GbpsIPS throughput700 MbpsIPS throughput1.1 Gbps2.0 GbpsAnti-malware throughput400 MbpsAnti-malware throughput600 Mbps1.1 GbpsFull DPI throughput300 MbpsFull DPI throughput500 Mbps800 MbpsIMIX throughput600 MbpsIMIX throughput900 Mbps1.6 GbpsMaximum DPI connections125,000Maximum DPI connections175,000200,000New connections/sec15,000/secNew escriptionNSA 3600NSA 4600NSA 2600 firewall only01-SSC-3860Firewall only01-SSC-385001-SSC-3840NSA 2600 TotalSecure (1-year)01-SSC-3863TotalSecure (1-year)01-SSC-385301-SSC-3843

Network Security Appliance 5600Network Security Appliance 6600The Dell SonicWALL NSA 5600 is ideal for distributed,branch office and corporate environments needingsignificant throughput.The Dell SonicWALL NSA 6600 is ideal for large distributedand corporate central site environments requiring highthroughput capacity and performance.2 x 10GbEDualUSB ports SFP ports12 x 1GbEportsDualUSB portsConsoleConsole1GbE4 x 1GbEmanagement SFP portsExpansion bayfor future useDual fansFirewallFirewall throughputIPS throughputAnti-malware throughputFull DPI throughputIMIX throughputMaximum DPI connectionsNew connections/secDescriptionNSA 5600 firewall onlyNSA 5600 TotalSecure (1-year)PowerNSA 56009.0 Gbps3.0 Gbps1.7 Gbps1.6 Gbps2.4 nsion bayfor future use4 x 10GbESFP ports1GbEmanagementDual hotswappablefansFirewallFirewall throughputIPS throughputAnti-malware throughputFull DPI throughputIMIX throughputMaximum DPI connectionsNew connections/secDescriptionNSA 6600 firewall onlyNSA 6600 TotalSecure (1-year)8 x 1GbEports8 x 1GbESFP portsPowerNSA 660012.0 Gbps4.5 Gbps3.0 Gbps3.0 Gbps3.5 Gbps500,00090,000/secSKU01-SSC-382001-SSC-3823

Reassembly-Free Deep PacketInspection engineseek to confuse detection engines andsneak malicious code into the network.attack, or other “match” event, at whichpoint a pre-set action is taken.The Dell SonicWALL Reassembly-FreeDeep Packet Inspection (RFDPI) engineprovides superior threat protectionand application control withoutcompromising performance. It relieson streaming traffic payload inspectionto detect threats at Layers 3-7, andtakes network streams throughextensive and repeated normalizationand decryption in order to neutralizeadvanced evasion techniques thatOnce a packet undergoes thenecessary pre-processing, includingSSL decryption, it is analyzed againsta single, proprietary memoryrepresentation of three signaturedatabases: intrusion attacks, malwareand applications. The connectionstate is then advanced to represent theposition of the stream relative to thesedatabases until it encounters a state ofIn most cases, the connection isterminated and proper loggingand notification events are created.However, the engine can also beconfigured for inspection only or,in case of application detection,to provide Layer 7 bandwidthmanagement services for theremainder of the application stream assoon as the application is identified.Packet assembly-based processProxyScanningPacket reassembly-free processPacketdisassemblyTraffic inTraffic outInspection timeLessMoreWhen proxybecomes full orcontent too large,files bypassscanningInspection capacityMinInspection timeMaxLessCompetitive architectureFlexible, customizable deploymentoptions – NSA series at-a-glanceEvery Dell SonicWALL NSA applianceutilizes a breakthrough, multi-corehardware design and RFDPI for internaland external network protectionwithout compromising networkperformance. The NSA series NGFWscombine high-speed intrusionprevention, file and content inspection,and powerful application intelligenceand control with an extensive arrayof advanced networking and flexibleconfiguration features. The NSA seriesoffers an affordable platform that iseasy to deploy and manage in a widevariety of large, branch office anddistributed network environments.Traffic outTraffic inInspection capacityMoreReassembly-free packetscanning without proxyor content size limitationsMinMaxDell SonicWALL architectureNSA series as central-site gatewayHA data linkStateful high availabilityHF linkInternetInternetDual ISP failoverInternetMulti-WAN redundancyNSA series as in-line NGFW solutionInternetFull User zoneAdministrativeServers

Security and protectionThe dedicated, in-house DellSonicWALL Threat Research Teamworks on researching and developingcounter-measures to deploy to thefirewalls in the field for up-to-dateprotection. The team leverages morethan one million sensors across theglobe for malware samples, and fortelemetry feedback on the latest threatinformation, which in turn is fed intothe intrusion prevention, anti-malwareand application detection capabilities.Dell SonicWALL NGFW customersbenefit from continuously updatedthreat protection around the clock, withnew updates taking effect immediatelywithout reboots or interruptions. Thesignatures resident on the appliancesApplication intelligenceand controlApplication intelligence informsadministrators of application traffictraversing their network, so they canschedule application controls based onbusiness priority, throttle unproductiveapplications and block potentiallydangerous applications. Real-timevisualization identifies traffic anomaliesas they happen, enabling immediatecountermeasures against potentialinbound or outbound attacks orperformance bottlenecks.Dell SonicWALL Application TrafficAnalytics provide granular insight intoapplication traffic, bandwidth utilizationand security threats, as well aspowerful troubleshooting and forensicscapabilities. Additionally, secure SingleSign-On (SSO) capabilities ease theuser experience, increase productivityand reduce support calls.The Dell SonicWALL GlobalManagement System (GMS )simplifies management of applicationintelligence and control using anintuitive, web-based interface.are designed to protect against wideclasses of attacks, covering tens ofthousands of individual threats with asingle signature.In addition to the countermeasureson the appliance, NSA appliances alsohave access to the Dell SonicWALLCloudAV Service, which extendsthe onboard signature intelligencewith over 30 million signatures. ThisCloudAV database is accessed via aproprietary, light-weight protocol bythe firewall to augment the inspectiondone on the appliance. With Geo-IPand botnet filtering capabilities, DellSonicWALL NGFWs are able to blocktraffic from dangerous domains orentire geographies in order to reducethe risk profile of the network.ProtectionCollectionCreationClassification

FeaturesRFDPI engineFeatureDescriptionReassembly-Free Deep PacketInspection (RFDPI)This high-performance, proprietary and patented inspection engine performs streambased bi-directional traffic analysis, without proxying or buffering, to uncover intrusionattempts, malware and identify application traffic regardless of port.Bi-directional inspectionScans for threats in both inbound and outbound traffic simultaneously to ensure that thenetwork is not used to distribute malware, and does not become a launch platform forattacks in case an infected machine is brought inside.Stream-based inspectionProxy-less and non-buffering inspection technology provides ultra-low latency performancefor DPI of millions of simultaneous network streams without introducing file and stream sizelimitations, and can be applied on common protocols as well as raw TCP streams.Highly parallel and scalableThe unique design of the RFDPI engine works with the multi-core architecture to providehigh DPI throughput and extremely high new session establishment rates to deal withtraffic spikes in demanding networks.Single-pass inspectionA single-pass DPI architecture simultaneously scans for malware, intrusions andapplication identification, drastically reducing DPI latency and ensuring that all threatinformation is correlated in a single architecture.Capture ATPFeatureDescriptionMulti-engine sandboxingThe multi-engine sandbox platform, which includes virtualized sandboxing, full systememulation and hypervisor level analysis technology, executes suspicious code andanalyzes behavior, providing comprehensive visibility into malicious activity.Broad file type and size analysisAnalyzes a broad range of file types including executable programs (PE), DLL, PDFs, MSOffice documents, archives, JAR, and APK plus multiple operating systems (Windows,Android, Mac OS X) and multi-browser environments.Rapid deployment of signaturesWhen a file is identified as malicious, a signature is immediately deployed to firewallswith an active SonicWALL Capture subscription as well as GRID Gateway Anti-virus andIPS signature databases plus URL, IP and domain reputation databases within 48 hours.Block until verdictTo prevent potentially malicious files from entering the network, files sent to the cloudfor analysis can be held at the gateway until a verdict is determined.Intrusion preventionFeatureDescriptionCountermeasure-based protectionTightly integrated intrusion prevention system (IPS) leverages signatures and othercountermeasures to scan packet payloads for vulnerabilities and exploits, covering abroad spectrum of attacks and vulnerabilities.Automatic signature updatesThe Dell SonicWALL Threat Research Team continuously researches and deploys updatesto an extensive list of IPS countermeasures that covers more than 50 attack categories. Thenew updates take immediate effect without any reboot or service interruption required.Intra-zone IPS protectionBolsters internal security by segmenting the network into multiple security zones withintrusion prevention, preventing threats from propagating across the zone boundaries.Botnet command and control (CnC)detection and blockingIdentifies and blocks command and control traffic originating from bots on the local networkto IPs and domains that are identified as propagating malware or are known CnC points.Protocol abuse/anomaly detectionand preventionIdentifies and blocks attacks that abuse protocols in an attempt to sneak past the IPS.Zero-day protectionProtects the network against zero-day attacks with constant updates against the latestexploit methods and techniques that cover thousands of individual exploits.Anti-evasion technologyExtensive stream normalization, decoding and other techniques ensure that threats donot enter the network undetected by utilizing evasion techniques in Layers 2-7.

Threat preventionFeatureDescriptionNetwork-based malware protectionThe Dell SonicWALL RFDPI engine scans all inbound, outbound and intra-zone trafficfor viruses, Trojans, key loggers and other malware in files of unlimited length and sizeacross all ports and TCP streams.CloudAV malware protectionA continuously updated database of over 30 million threat signatures resides in the DellSonicWALL cloud servers and is referenced to augment the capabilities of the onboardsignature database, providing RFDPI with extensive coverage of threats.Cloud-based sandboxingDell SonicWALL Capture Advance Threat Protection Service uses cloud-based, multiengine sandboxing, including full system emulation, virtualization and hypervisor leveltechniques, to analyze suspicious files, detect malicious behavior and block unknownand zero-day attacks at the gateway.Around-the-clock security updatesThe Dell SonicWALL Threat Research Team analyzes new threats and releasescountermeasures 24 hours a day, 7 days a week. New threat updates are automaticallypushed to firewalls in the field with active security services, and take effect immediatelywithout reboots or interruptions.SSL decryption and inspectionDecrypts and inspects SSL traffic on the fly, without proxying, for malware, intrusionsand data leakage, and applies application, URL and content control policies in order toprotect against threats hidden in SSL encrypted traffic.Bi-directional raw TCP inspectionThe RFDPI engine is capable of scanning raw TCP streams on any port bi-directionally,preventing attacks that try to sneak by outdated security systems that focus on securinga few well-known ports.Extensive protocol supportIdentifies common protocols such as HTTP/S, FTP, SMTP, SMBv1/v2 and others, which donot send data in raw TCP, and decodes payloads for malware inspection, even if they donot run on standard, well-known ports.Enforced Anti-Virus andAnti-Spyware Client softwareAutomatically detect non-compliant endpoint machines and install the Dell Anti-Virusand Anti-Spyware software* machine-by-machine across the network regardlessof whether devices are inside the corporate network or outside connected via VPN.Windows only.*Requires the Dell SonicWALL Anti-Virus and Anti-Spyware Client softwareApplication intelligence and controlFeatureDescriptionApplication controlControls applications, or individual application features, which are identified by the RFDPIengine against a continuously expanding database of over 3,500 application signatures,to increase network security and enhance network productivity.Custom application identificationControls custom applications by creating signatures based on specific parameters orpatterns unique to an application in its network communications, in order to gain furthercontrol over the network.Application bandwidth managementGranularly allocate and regulate available bandwidth for critical applications orapplication categories while inhibiting nonessential application traffic.On-box/off-box traffic visualizationIdentifies bandwidth utilization and analyzes network behavior with real-time, on-boxapplication traffic visualization and off-box application traffic reporting via NetFlow/IPFix.Granular controlControls applications, or specific components of an application, based on schedules,user groups, exclusion lists and a range of actions with full SSO user identificationthrough LDAP/AD/Terminal Services/Citrix integration.

Content filteringFeatureDescriptionInside/Outside content filteringEnforce acceptable use policies and block access to websites containing information orimages that are objectionable or unproductive with Content Filtering Service. Extend policyenforcement to block internet content for devices located outside the firewall perimeterwith the Content Filtering Client.Granular controlsBlock content using the predefined categories or any combination of categories. Filteringcan be scheduled by time of day, such as during school or business hours, and applied toindividual users or groups.Dynamic rating architectureAll requested web sites are cross-referenced against a dynamically updated database inthe cloud categorizing millions of URLs, IP addresses and domains in real time.Web cachingURL ratings are cached locally on the Dell SonicWALL firewall so that the response timefor subsequent access to frequently visited sites is only a fraction of a second.Enforced anti-virus and anti-spywareFeatureDescriptionMulti-layered protectionA firewall’s gateway anti-virus solution provides the first layer of defense at the perimeter,however viruses can still enter the network through laptops, thumb drives and otherunprotected systems. Utilize a layered approach to anti-virus and anti-spywareprotection to extend to both client and server.Automated enforcementEnsure every computer accessing the network has the most recent version of antivirus and anti-spyware signatures installed and active, eliminating the costs commonlyassociated with desktop anti-virus and anti-spyware management.Automated deployment andinstallationMachine-by-machine deployment and installation of anti-virus and anti-spyware clientsis automatic across the network, minimizing administrative overhead.Always on, automatic virusprotectionFrequent anti-virus and anti-spyware updates are delivered transparently to all desktopsand file servers to improve end user productivity and decrease security management.Spyware protectionPowerful spyware protection scans and blocks the installation of a comprehensive arrayof spyware programs on desktops and laptops before they transmit confidential data,providing greater desktop security and performance.Firewall and networkingFeatureDescriptionStateful Packet InspectionAll network traffic is inspected, analyzed and brought into compliance with firewallaccess policies.DDoS/DoS attack protectionSYN Flood protection provides a defense against DOS attacks using both Layer 3 SYN proxyand Layer 2 SYN blacklisting technologies. Additionally, it provides the ability to protectagainst DOS/DDoS through UDP/ICMP flood protection and connection rate limiting.Flexible deployment optionsThe NSA series can be deployed in traditional NAT, Layer 2 Bridge, Wire Mode andNetwork Tap modes.IPv6 supportThe NSA series supports IPv6, the internet protocol that increases the number of availableIP addresses. NSA series firewalls have achieved IPv6 Ready Phase 1/2 as well as ICSA Labsenterprise certification which includes IPv6 testing.

Firewall and networking con'tFeatureDescriptionHigh availability/clusteringThe NSA series supports Active/Passive with state synchronization, Active/Active DPIand Active/Active Clustering high availability modes. Active/Active DPI offloads the DeepPacket Inspection load to cores on the passive appliance to boost throughput.WAN load balancingLoad balances multiple WAN interfaces using Round Robin, Spillover or Percentagebased methods.Policy-based routingCreates routes based on protocol to direct traffic to a preferred WAN connection with theability to fail back to a secondary WAN in the event of an outage.Advanced QoSGuarantees critical communications with 802.1p and DSCP tagging, and remapping ofVoIP traffic on the network.H.323 gatekeeper and SIPproxy supportBlocks spam calls by requiring that all incoming calls are authorized and authenticated byH.323 gatekeeper or SIP proxy.Management and reportingFeatureDescriptionGlobal Management SystemThe Dell SonicWALL GMS monitors, configures and reports on multiple Dell SonicWALLappliances through a single management console with an intuitive interface to reducemanagement costs and complexity.Powerful, single device managementAn intuitive, web-based interface allows quick and convenient configuration in additionto a comprehensive CLI and support for SNMPv2/3.Application flow reportingExports application traffic analytics and usage data for real-time and historicalmonitoring and reporting with tools such as Dell SonicWALL GMS or Analyzer.Virtual Private NetworkingFeatureDescriptionIPSec VPN for site-to-siteconnectivityHigh-performance IPSec VPN allows the NSA series to act as a VPN concentrator forthousands of other large sites, branch offices or home offices.SSL VPN and IPSec clientremote accessUtilizes clientless SSL VPN technology or an easy-to-manage IPSec client for easy accessto email, files, computers, intranet sites and applications from a variety of platforms.Redundant VPN gatewayWhen using multiple WANs, a primary and secondary VPN can be configured to allowseamless automatic failover and failback of all VPN sessions.Route-based VPNThe ability to perform dynamic routing over VPN links ensures continuous uptime inthe event of a temporary VPN tunnel failure, by seamlessly re-routing traffic betweenendpoints through alternate routes.Content/context awarenessFeatureDescriptionUser activity trackingUser identification and activity are made available through seamless AD/LDAP/Citrix/TerminalServices SSO integration combined with extensive information obtained through DPI.GeoIP country traffic identificationIdentifies and controls network traffic going to or coming from specific countries toeither protect against attacks from known or suspected origins of threat activity, or toinvestigate suspicious traffic originating from the network.Regular Expression DPI filteringPrevents data leakage by identifying and controlling content crossing the networkthrough regular expression matching.

SonicOS feature summaryFirewall Reassembly-Free Deep PacketInspection Deep packet inspection for SSL Stateful packet inspection Stealth mode Common Access Card (CAC) support DOS attack protection UDP/ICMP/SYN flood protection SSL decryption and inspection IPv6 securityIntrusion prevention Signature-based scanning Automatic signature updates Bidirectional inspection engine Granular IPS rule capability GeoIP and reputation-based filtering Regular expression matchingAnti-malware Stream-based malware scanning Gateway anti-virus Gateway anti-spyware Bi-directional inspection No file size limitation Cloud malware databaseApplication control Application control Application component blocking Application bandwidth management Custom application signature creation Data leakage prevention Application reporting overNetFlow/IPFIX User activity tracking (SSO) Comprehensive applicationsignature databaseWeb content filtering URL filtering Anti-proxy technology Keyword blocking Bandwidth manage CFS ratingcategories Unified policy model with app control 56 content filtering categories Content Filtering ClientVPN IPSec VPN for site-to-site connectivity SSL VPN and IPSec client remoteaccess Redundant VPN gateway Mobile Connect for iOS, Mac OS X,Windows, Chrome, Android andKindle Fire Route-based VPN (OSPF, RIP)Networking Jumbo frames Layer-2 network discovery IPv6 Path MTU discovery Enhanced logging VLAN trunking RSTP (Rapid Spanning Tree Protocol) Port mirroring Layer-2 QoS Port security Dynamic routing SonicPoint wireless controller Policy-based routing Advanced NAT DHCP server Bandwidth management Link aggregation Port redundancy A/P high availability with state sync A/A clustering Inbound/outbound load balancing L2 bridge, wire mode, tap mode,NAT modeVoIP Granular QoS control Bandwidth management DPI for VoIP traffic H.323 gatekeeper and SIP proxysupportManagement and monitoring Web GUI Command line interface (CLI) SNMPv2/v3 Centralized management andreporting Logging Netflow/IPFix exporting App traffic visualization Centralized policy management Single Sign-On (SSO) Terminal service/Citrix support BlueCoat Security Analytics Platform Application and bandwidthvisualization IPv4 and IPv6 ManagementIPv6 IPv6 filtering 6rd (rapid deployment) DHCP prefix delegation Wire mode BGPCapture ATP Cloud-based multi-engine analysis Virtualized sandboxing Hypervisor level analysis

The Dell SonicWALL NSA 2600 is designed to address the needs of growing small organizations, branch offices and school campuses. Network Security Appliance 3600/4600 The Dell SonicWALL NSA 3600/4600 is ideal for branch office and small- to medium-sized corporate environments concerned about throughput capacity and performance.