Transcription
SonicWALL ECLASS NetwNETWORK SECURITYSuperMassive E10000 Series Next-Generation FirewallThe SonicWALL SuperMassive E10000 Series is SonicWALL’s Next-GenerationFirewall platform designed for large networks to deliver scalability, reliabilityand deep security at multi-gigabit speeds. Built to meet the needs ofenterprise, government, university, and service provider deployments, theSuperMassive E10000 Series is ideal for securing enterprise networks, datacenters and server farms. Combining its massively multi-core architecture andSonicWALL’s patented* Reassembly-Free Deep Packet Inspection (RFDPI)technology, the SuperMassive E10000 Series delivers industry-leadingapplication control, intrusion prevention, malware protection and SSLinspection at multi-gigabit speeds. The SonicWALL E10000 Series isdesigned with power, space, and cooling (PSC) in mind, providing the leadingGbps/Watt in the industry for application control and threat prevention.SonicWALL’s Reassembly-Free Deep Packet Inspection engine scans every byteof every packet delivering full content inspection of the entire stream whileproviding high performance and low latency. This technology is superior tooutdated proxy designs that reassemble content using sockets bolted toanti-malware programs that are plagued with inefficiencies and overhead ofsocket memory thrashing that leads to high latency, low performance and filesize limitations. The RFDPI engine delivers full content inspection to eliminatethreats before they enter the network and provides protection against millionsof unique malware variants without file size, performance or latency limitations.The RFDPI engine also provides full inspection of SSL-encrypted traffic as wellas non-proxyable applications enabling complete protection regardless oftransport or protocol.Intuitive AppFlow Visualization allows for the identification of productiveand unproductive application traffic in real time which can then be controlledthrough powerful application-level policies. Application control can beexercised on both a per-user and per-group basis, along with schedules andexception lists. All application, intrusion prevention, and malware signatures areconstantly updated by SonicWALL’s Research Team. Additionally, SonicWALL’sadvanced operating system, SonicOS, provides integrated tools that allow forcustom application identification and control.The design provides near-linear performance increases and scales up to 96cores of processing power to deliver 40 Gbps of Firewall throughput, 30 Gbps of Application Inspection, 30 Gbps of Intrusion Prevention, and 10 Gbps of Anti-Malware protection. Consisting of the E10100, E10200, E10400and E10800, the SuperMassive E10000 Series is field upgradeable, futureproofing the security infrastructure investment as network bandwidth andsecurity requirements increase.* U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,361nnnnMassively ScalableMulticore ArchitectureDesigned for 10/40 GbpsInfrastructureSuperior GranularApplication Intelligence,Control and VisualizationComplete ThreatProtection IncludingHigh PerformanceIntrusion Prevention andLow Latency MalwareProtectionFull Inspection of SSLEncrypted Traffic WithoutOverhead, Latency,and Memory ThrashingAssociated with SocketBased SSL Proxies
SuperMassive E10000 Series Next-Generation FirewallSERIES LINEUPThe SonicWALL SuperMassive chassis includes 6 x 10-GbE SFP and 16 x 1-GbE SFP ports, redundant 850W AC power supplies, hotswappable dual redundant fan modules, and massively scales up to 96 processing cores.CapabilityProcessing CoresFirewall ThroughputApplication IntelligenceThroughputIPS ThroughputAnti-Malware ThroughputMaximum ConnectionsUpgrade PathE10100E10200E10400E1080012 ( 12 Integrated HA Mode)5.0 Gbps4.0 Gbps2410 Gbps7.5 Gbps4820 Gbps15 Gbps9640 Gbps30 Gbps4.0 Gbps2.0 Gbps1.5MUpgradeable to the E102007.5 Gbps3.0 Gbps3.0MUpgradeable to the E1040015 Gbps6.0 Gbps6.0MUpgradeable to the E1080030 Gbps12 Gbps12.0M—80 GB SSD DriveConsole PortLCD DisplayFutureUse6 x 10-GbeSFP Ports16 x 1-GbeSFP Ports1-GbeManagementInterfaceHot Swappable Redundant 850W Power SuppliesTwo Hot Swappable Dual Redundant Fan Modules2LCD ControlsDualUSB PortsStatus LEDIndicatorsModule Slot Fan
SonicWALL ECLASS NetwoEXTENSIBLE ARCHITECTURE FOR EXTREME SCALABILIT Y AND PERFORMANCEScalable Performance with a Multi-Core ArchitectureThe SonicWALL SuperMassive E10000 Series is built with a focus onhigh performance, scalability and high availability, providing largeenterprises a platform to address their most demanding securityneeds. This combination of scalability and performance is a resultof a powerful and massively scalable multi-core architecturepaired with SonicWALL’s proprietary Reassembly-Free DeepPacket Inspection engine that can scale linearly to any numberof processing cores. Environments that see their network securityneeds grow with time can upgrade their system to increase theavailable performance of their SuperMassive platform.Engineered for High PerformanceThe SuperMassive E10000 Series is engineered to deliver ultra lowlatency Deep Packet Inspection that large enterprises demand.The SuperMassive fabric interconnect provides 240 GbE of nonblocking bandwidth with less than 1 μs latency for unhinderedcommunication between the 96 processing cores and the6 x 10-GbE SFP and the 16 x 1-GbE SFP ports.16 x 1 GbE SFP240 GbESM Interconnect6 x 10 GbE SFP 96 CoresIntelligent Design for Superior DPI ThroughputWhile stateful packet inspection is still necessary, it alone isinsufficient to protect against today’s application and contentborne threats. Full deep packet inspection capabilities likeapplication control, intrusion prevention and anti-malware providea significantly increased level of security and network control, butmust do so without diminishing network performance.SonicWALL’s patented* RFDPI engine provides a highly-efficientsingle-pass design that consolidates all security features into aunified scanning and policy engine, enabling the platform todeliver industry-leading deep packet inspection performance.* U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,3613
SuperMassive E10000 Series Next-Generation FirewallF E AT U R E SApplication Intelligence and ControlFeatureDescriptionApplication ControlIdentify and control applications or individual components of an application based onRFDPI technology instead of relying on well known ports and protocols.Application Bandwidth ManagementAllocate bandwidth to critical applications while throttling unproductive applicationtraffic for an efficient and productive network.Custom Application IdentificationCreate and configure custom application identification based on traffic parameters oron patterns unique to an application in its network communications.AppFlow VisualizationAdvanced visualization along with comprehensive statistics provide administrators witha clear view into exactly what applications and application components are in use onthe network and by whom in real time.Application Signature DatabaseA continuously expanding database of over 3,500 application signatures ensures thatadministrators are able to control the usage of all the latest applications on their networkat a category or individual level.IPFIX/Netflow ReportingExport application usage data through IPFIX or through Netflow protocols forthird-party monitoring and reporting of network data and application usage data.Deep Packet Inspection for SSLSSL traffic is decrypted and inspected for malware and intrusions by the Reassembly-FreeDeep Packet Inspection engine in addition to applying application, URL, and contentcontrol policies on potentially evasive traffic.User Activity TrackingUser identification is seamlessly integrated with Microsoft Active Directory and otherauthentication systems enabling tracking and reporting of individual user identification.GeoIP Country Traffic IdentificationIdentify and control network traffic going to or coming from specific countries.Gateway Threat Prevention4Gateway Anti-MalwareSonicWALL’s proprietary RFDPI engine scans all ports and protocols for viruses withoutfile size or stream length limitation. SonicLabs Researchers constantly provide updatedthreat protection, providing faster response times and threat prevention.Reassembly-Free Deep Packet Inspection(RFDPI)Reassembly-Free Deep Packet Inspection keeps track of malware regardless of the orderor the timing with which the packets arrive, allowing for extreme low latency whileeliminating file size and stream size limitation, and providing greater performanceand security than outdated proxy designs that reassemble content using sockets boltedto traditional anti-virus programs that are plagued with inefficiencies and overhead of socketmemory thrashing that leads to high latency, low performance and file size limitations.Cloud Anti-Virus (AV)In addition to utilizing the on-board database, the RFDPI engine also consults with theSonicWALL Cloud Services for additional information on over four million malwaresignatures and growing.Bi-directional InspectionRFDPI can be performed on both inbound and outbound connections to provideprotection in all network traffic directions.24x7 Signature UpdatesSonicLabs Research Team team creates and updates signature databases that arepropagated automatically to the firewalls in the field, with those signatures takingimmediate effect without any reboot or service interruption required.
SonicWALL ECLASS NetwoIntrusion PreventionFeatureDescriptionSignature-based ScanningTightly integrated, signature-based intrusion prevention scans packet payloads forvulnerabilities and exploits that target critical internal systems.Automatic Signature UpdatesSonicWALL’s Research Team continuously updates and deploys an extensivelist of over 5,400 IPS signatures covering 52 attack categories. These signatures takeimmediate effect and do not require reboots or any other interruption in service.Outbound Threat PreventionThe ability to inspect both inbound and outbound traffic ensures that the network willnot unwittingly be used in Distributed Denial of Service attacks and will prevent anyCommand and Control Botnet communication.Intra-Zone IPS ProtectionIntrusion prevention can be deployed between internal security zones to protectsensitive servers and to prevent internal attacks.VPNIPSec VPN for Site-to-site ConnectivityHigh-performance IPSec VPN allows the SuperMassive E10000 Series to act as a VPNconcentrator for thousands of other large sites, branch offices or home offices.SSL VPN or IPSec Client Remote AccessUtilize clientless SSL VPN technology or an easy-to-manage IPSec client for easy accessto email, files, computers, intranet sites and applications from a variety of platforms.Redundant VPN GatewayWhen using multiple WANs, a primary and secondary VPN can be configured to allowseamless automatic failover and failback of all VPN sessions.Route-based VPNThe ability to perform dynamic routing over VPN links ensures continuous uptime in theevent of a temporary VPN tunnel failure by seamlessly re-routing traffic betweenendpoints through alternate routes.VoIPAdvanced QoSGuarantee critical communications with 802.1p and DSCP tagging and remapping ofVoIP traffic on the network.DPI of VoIP TrafficPredefined signatures detect and block VoIP specific threats.H.323 Gatekeeper and SIP Proxy SupportBlock spam calls by requiring that all incoming calls are authorized andauthenticated by H.323 gatekeeper or SIP proxy.Firewall and NetworkingStateful Packet InspectionAll network traffic is inspected, analyzed and brought into compliance with firewallaccess policies.DOS Attack ProtectionSYN Flood protection provides defense against DOS attacks using both layer 3 SYN proxyand layer 2 SYN blacklisting technologies.Flexible DeploymentCan be deployed in traditional NAT, Layer 2 Bridge, Wire Mode and Network Tap modes.Policy-based RoutingCreate routes based on protocol to direct traffic to a preferred WAN connection with theability to fail back to a secondary WAN in the event of an outage.5
SuperMassive E10000 Series Next-Generation FirewallF E AT U R E SFirewall and Networking (continued)FeatureDescriptionHigh AvailabilitySupports Stateful Active/Passive, Active/Active DPI and Active/Active Clustering failoverto ensure not only increased reliability by protecting against hardware or software faults,but also an increase in performance through Reassembly-Free Deep Packet Inspectionworkload offloading to the cores available on stand-by units.WAN Load BalancingLoad balance up to four WAN interfaces using Round Robin, Spillover or Percentagebased methods.Management and MonitoringWeb GUIAn intuitive Web-based interface allows quick and convenient configuration in additionto management through SonicWALL Global Management System or the CLI.SNMPSNMP provides the ability to protectively monitor and respond to threats and alerts.Netflow/IPFIXExport an extended set of data through IPFIX or through Netflow protocols for third-partymonitoring and reporting of network data and application usage data correlatedwith factors such as user identification and others.Centralized Policy ManagementWith SonicWALL Global Management System (GMS ), monitor, configure and report onmultiple SonicWALL appliances from a single intuitive interface and customize yoursecurity environment to suit your individual policies.SonicOS Feature SummaryFirewalln Reassembly-Free Deep Packet Inspectionn Deep Packet Inspection for SSLn Stateful Packet Inspectionn DOS Attack Protectionn TCP Reassemblyn Stealth ModeApplication Controln Application Controln Application Component Blockingn Application Bandwidth Managementn Custom Application Signature Creationn AppFlow Visualizationn Data Leakage Preventionn IPFIX with Extensions Reportingn User Activity Trackingn GeoIP Country Traffic Identificationn Comprehensive Application SignatureDatabaseIntrusion Preventionn Signature-based Scanningn Automatic Signature Updatesn Outbound Threat Preventionn IPS Exclusion Listn Hyperlinked Log Messagesn Unified CFS and App Control withBandwidth Throttling6Anti-Malwaren Stream-based Malware Scanningn Gateway Anti-Virusn Gateway Anti-Spywaren SSL Decryptionn Anti-Spamn Bi-directional Inspectionn No File Size LimitationVPNn IPSec VPN for Site-to-site Connectivityn SSL VPN or IPSec Client Remote Accessn Redundant VPN Gatewayn Route-based VPNWeb Content Filteringn URL Filteringn Anti-proxy Technologyn Keyword Blockingn Bandwidth Manage CFS Rating Categoriesn Unified Policy Model with App ControlVoIPn Advanced QoSn Bandwidth Managementn DPI of VoIP Trafficn Full Interoperabilityn H.323 Gatekeeper and SIP Proxy SupportNetworkingn Dynamic Routingn Policy-based RoutingAdvanced NATDHCP Servern Bandwidth Managementn IPv6n Link Aggregationn Port Redundancyn High Availabilityn Load BalancingnnManagement and Monitoringn Web GUIn Command Line Interfacen SNMPn ViewPoint Reportingn Loggingn Netflow/IPFIXn App Visualizationn LCD Management Screenn Centralized Policy Managementn Single Sign-Onn Terminal Service/Citrix Supportn Solera Networks Forensics IntegrationSecurity Servicesn Intrusion Prevention Servicen Gateway Anti-Malware Servicen Content Filtering Servicen Enforced Client Anti-Virus andAnti-Spyware Servicen Application Intelligence, Controland Visualization Service
SonicWALL ECLASS NetwoSystem SpecificationsE10100Operating SystemCores12 ( 12 HA)10 GbE Interfaces1 GbE InterfacesManagement InterfacesMemory (RAM)8 GBStorageFirewall Inspection Throughput5.0 GbpsApplication Inspection Throughput4.0 GbpsIPS Throughput4.0 GbpsAnti-Malware Inspection Throughput 2.0 GbpsVPN Throughput2.5 GbpsConnections per second80,000/secMaximum Connections (SPI)1.5MMaximum Connections (DPI)1.2ME10200E10400E10800489632 GB64 GB20 Gbps15 Gbps15 Gbps6.0 Gbps10 Gbps320,000/sec6.0M5.0M40 Gbps30 Gbps30 Gbps12 Gbps20 Gbps640,000/sec12.0M10.0MSonicOS246 x 10-GbE SFP 16 x 1-GbE SFP1 GbE, 1 Console16 GB80 GB SSD, Flash10 Gbps7.5 Gbps7.5 Gbps3.0 Gbps5.0 Gbps160,000/sec3.0M2.5MVPNSite-to-site Tunnels10,000IPSec VPN Clients2,000SSL VPN Licenses20 (1,000)*EncryptionAuthenticationKey ExchangeRoute-based VPN10,000 (20,000)*10,000 (40,000)*10,000 (80,000)*2,000 (4,000)*2,000 (8,000)*2,000 (16,000)*50 (2,000)*50 (4,000)*50 (8,000)*DES, 3DES, AES (128, 192, 256-bit)MD5, SHA-1Diffie Hellman Groups 1, 2, 5, 14RIP, OSPFNetworkingIP Address AssignmentStatic (DHCP PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP RelayNAT Modes1:1, many:1, 1:many, flexible NAT (overlapping IPS), PAT, transparent modeVLAN Interfaces512Routing ProtocolsBGP*, OSPF, RIPv1/v2, static routes, policy-based routing, multicastQoSBandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1pAuthentication XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, terminal services, CitrixIPv6 IPv6 RFDPI, firewall, VPN, NAT; Dual stack IPv4/IPv6; IPv6 to/from IPv4 translations; ICMPv6; DHCPv6; DNSv6VoIPFull H323-v1-5, SIPStandards TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3Certifications PendingFIPS 140-2, Common Criteria EAL4 , NEBS, ICSA FirewallCommon Access Card (CAC) SupportPendingHardwarePower SupplyDual, Redundant, Hot Swappable, 850 WFansDual, Redundant, Hot SwappableDisplayFront LED DisplayInput Power100-240 VAC, 60-50 HzMaximum Power350400550750Consumption (W)Form Factor4U Rack MountableDimensions17x18x7 in (43x43.5x17.8 cm)Weight58 lb (26.3 kg)58 lb (26.3 kg)61 lb (27.7 kg)67 lb (30.3 kWEEE Weight59 lb (26.8 kg)59 lb (26.8 kg)62 lb (28.1 kg)68 lb (30.8 kg)Shipping Weight79 lb (35.8 kg)79 lb (35.8 kg)82 lb (37.2 kg)88 lb (39.9 kg)Major RegulatoryFCC Class A, CE, C-Tick, VCCI, Compliance MIC, UL, cUL, TUV/GS, CB, NOM, RoHS, WEEEEnvironment40-105 F, 5-40 deg CHumidity10-90% non-condensing*Available with expanded license.All specifications, features and availability are subject to change.7
SonicWALL ECLASS NetwoSuperMassive E10000 Series Next-Generation FirewallO R D E R I N G I N F O R M AT I O NProductSKUSuperMassive E10100, 6 SFP 10GbE Ports, 16 SFP 1GbE Ports, Dual Fans, Dual AC Power SuppliesSuperMassive E10200, 6 SFP 10GbE Ports, 16 SFP 1GbE Ports, Dual Fans, Dual AC Power SuppliesSuperMassive E10400, 6 SFP 10GbE Ports, 16 SFP 1GbE Ports, Dual Fans, Dual AC Power SuppliesSuperMassive E10800, 6 SFP 10GbE Ports, 16 SFP 1GbE Ports, Dual Fans, Dual AC Power SuppliesSystem 56SKUSuperMassive E10100 to E10200 UpgradeSuperMassive E10200 to E10400 UpgradeSuperMassive E10400 to E10800 Upgrade01-SSC-949601-SSC-949701-SSC-9498Services E10100SKUThreat Prevention – Intrusion Prevention, Gateway Anti-Virus, Gateway Anti-Spyware, Cloud Anti-Virus for E10100 (1-year)Application Intelligence and Control – Application Intelligence, Application Control, App Flow Visualization for E10100 (1-year)Content Filtering Premium Business Edition for E10100 (1-year)Platinum Support for the SuperMassive E10100 (1-year)Comprehensive Gateway Security Suite – Application Intelligence, Threat Prevention, Content Filtering with Support for E10100 (1-year)Services 01-SSC-9515SKUThreat Prevention – Intrusion Prevention, Gateway Anti-Virus, Gateway Anti-Spyware, Cloud Anti-Virus for E10200 (1-year)Application Intelligence and Control – Application Intelligence, Application Control, App Flow Visualization for E10200 (1-year)Content Filtering Premium Business Edition for E10200 (1-year)Platinum Support for the SuperMassive E10200 (1-year)Comprehensive Gateway Security Suite – Application Intelligence, Threat Prevention, Content Filtering with Support for E10200 (1-year)Services 01-SSC-9533SKUThreat Prevention – Intrusion Prevention, Gateway Anti-Virus, Gateway Anti-Spyware, Cloud Anti-Virus for E10400 (1-year)Application Intelligence and Control
VPN IPSec VPN for Site-to-site Connectivity High-performance IPSec VPN allows the SuperMassive E10000 Series to act as a VPN concentrator for thousands of other large sites, branch offices or home offices. SSL VPN or IPSec Client Remote Access Utilize clientless SSL VPN technology or an easy-to-manage IPSec client for easy access
