Transcription
SonicWALL TZ SeriesFIREWALLUnified Threat ManagementnBuilt on the proven securityarchitecture of SonicOS, theTZ Series provides highlyeffective anti-malwareand intrusion preventionto keep networks safe fromsophisticated modernthreats.The SonicWALL TZ Series is the most secure Unified Threat Management (UTM) firewall for smallbusinesses, retail deployments, government organizations, remote sites and branch offices. Unlikeconsumer-grade products, the TZ Series delivers the most effective anti-malware, intrusionprevention, content/URL filtering and application control capabilities along with the broadest mostsecure mobile platform support for laptops, smartphones and tablets. It provides full deep packetinspection (DPI) at very high performance levels, eliminating the network bottleneck that otherproducts introduce, and enabling organizations to realize increased productivity gains. The TZSeries is the most secure, sophisticated and widely-deployed security platform on the market today.nHighly secure SSL VPNremote access is availablenatively for Apple iOS,Google Android, Windows,Mac OS and Linux baseddevices to unleash thepotential of a mobileworkforce.Additionally, the SonicWALL Application Intelligence and Control capabilities in the TZ 215 ensuresthat bandwidth is available for business-critical applications while throttling or blockingunproductive applications. The TZ 215 also offers advanced application traffic analytics andreporting for deep insight into bandwidth utilization and security threats.nnSonicWALL content and URLfiltering blocks multiplecategories of objectionableweb content to enable highworkplace productivity andreduce legal liability.Easy to comprehend andquick to deploy, thegraphical user interface inthe TZ Series eliminatesthe choice betweenease-of-use and power,driving down total costof ownership.The TZ Series includes additional advanced networking features such as IPSec and SSL VPN,multiple ISP failover, load balancing, optional integrated 802.11n wireless and networksegmentation, and also enables PCI compliance. The TZ Series is the only available UTM firewall thatprovides native VPN remote access client for Apple iOS, Google Android , Windows, Mac OS andLinux. This unique client also supports Clean VPN , which decontaminates threats from VPN traffic.Providing the most secure support for mobile platforms, only SonicWALL delivers full malwarescanning of SSL encrypted traffic and application control for Android and iOS devices.The new TZ Series is an elegant integration of multiple point products, combined into a singlesolution providing value while reducing complexityAbout SonicWALLGuided by its vision of Dynamic Security for the Global Network, SonicWALL develops advancedintelligent network security and data protection solutions that adapt as organizations and threatsevolve. SonicWALL designs award-winning hardware, software and virtual-appliance solutions todetect and control applications and protect networks from intrusions and malware attacks.SonicWALL is trusted by small businesses and large enterprises worldwide. Since 1991, it has shippedover two million appliances through its global network of channel partners to keep tens of millionsof business computer users safe and in control of their data.
SonicWALL e SonicWALL TZ 205 and TZ 215 feature dual-core CaviumCPUs, which process parallel data streams simultaneously,increasing overall protection and performance. Dual-coretechnology offers superior performance, scalability, and energyefficiency when compared with network security platformsbased on general-purpose processors with separate securityco-processors, or Application-Specific Integrated Circuits (ASIC),which can’t keep up with evolving complex attacks in real timefrom both inside and outside the network perimeter. Theadvanced high performance dual-core architecture makes theTZ Series the fastest solution in its class, with performancelevels of up to 500 Mbps of stateful throughput, 110 Mbpsdeep packet inspection throughput and 130 Mbps 3DES orAES VPN throughput.SonicWALL’s patented Reassembly-Free Deep PacketInspection (RFDPI) technology enables simultaneous, multithreat and application scanning and analysis of unlimited filessizes and connections at extremely high speeds. This singlecode base is at the core of every SonicWALL firewall, from theTZ 105 to the SonicWALL SuperMassive E10800. SuperMassiveE10800 with SonicOS is the highest overall protectionNext-Generation Firewall to earn the NSS Labs Recommendrating. RFDPI is tightly integrated into the firewall platform,streamlining management of granular firewall policies,directly via the firewall interface or via the SonicWALL GlobalManagement System. Organizations can choose froman entire line of proven SonicWALL firewalls with SonicOS,which massively scale to meet the needs of the highestperformance cOSAppVisualizationAnti-MalwareURLFilteringTZ 105 SeriesTZ 205 SeriesFirewall OverviewStateful Packet Inspection Firewall Throughput200 Mbps500 MbpsIPS Throughput60 Mbps80 MbpsGAV Throughput40 Mbps60 MbpsVPN Throughput75 Mbps100 MbpsFull DPI (UTM)25 Mbps40 MbpsMaximum UTM/DPI Connections8,00012,000Unlimited File Size Protection TZ 215 Series500 Mbps110 Mbps70 Mbps110 Mbps60 Mbps32,000 HardwareDual Core Processor Gigabit Ethernet 802.11n Support Dual Band 802.11 a/b/g/n Support Security ServicesIntrusion Protection* Gateway Anti-Virus, Anti-Spyware and Cloud AV* Content and URL Filtering (CFS)* Enforced Client Anti-Virus and Anti-Spyware* Application Intelligence and Control* *Available with Subscription Service2
SonicWALL TZ 105TestLEDHome Office/Small OfficeActivityPowerLEDThe new SonicWALL TZ 105 is the mostsecure Unified Threat Management (UTM)firewall available for small offices, homeoffices and small retail deployments. Unlikeconsumer-grade products, the TZ 105delivers the proven, most effective intrusionprevention, anti-malware and content/URLfiltering, along with the broad mobileplatform support for laptops, smartphonesand tablets. It provides full deep packetinspection (DPI) at very high performancelevels, eliminating the network bottleneckthat other products introduce, and enablingorganizations to realize increased productivitygains without the increased cost.Hardware DescriptionTZ 105 TotalSecure 1-yearTZ 105 Wireless-N TotalSecure 1-yearTZ 105 Wireless-N TotalSecure International 1-yearLAN PortUSB PortConsolePortWAN PortFast EthernetInterfacesSecurePowerResetSwitchTZ 105Home Office/Small Office LANSKU01-SSC-490601-SSC-490801-SSC-4910Home/Work LANService DescriptionComprehensive Gateway Security Suite 1-yearGateway Anti-Virus andIntrusion Prevention Service 1-yearContent/URL Filtering 1-yearComprehensive Anti-Spam Service 1-yea8x5 Support 1-year24x7 Support 87101-SSC-485601-SSC-48623
SonicWALL TZ 205TestLEDSmall Office/RetailActivityPowerLEDSmall businesses, retail deployments,government organizations, remote sitesand branch offices can benefit from thepowerful security and business-classperformance of the new SonicWALL TZ205. Unlike consumer grade products,this powerful Unified Threat Management(UTM) firewall combines the most effectiveintrusion prevention, anti-malware andcontent/URL filtering with the broadest,most secure mobile platform supportfor laptops, smartphones and tablets. Byproviding full deep packet inspection (DPI)at very high performance levels, it eliminatesthe tradeoff between comprehensivesecurity and performance.Hardware DescriptionTZ 205 Hardware: WiredTZ 205 Hardware: Wireless-NTZ 205 Hardware: Wireless-N InternationalTZ 205 TotalSecure 1-yearTZ 205 Wireless-N TotalSecure 1-yearTZ 205 Wireless-N TotalSecure International 1-year4GigabitLAN PortUSB PortConsolePortGigabit EthernetInterfacesFutureExpansionGigabitWAN PortSecurePowerResetSwitchTZ nalogFailoverSecure Wireless ZoneSales 490601-SSC-490801-SSC-4910Protected Server NetworkService DescriptionComprehensive Gateway Security Suite 1-yearGateway Anti-Virus andIntrusion Prevention Service 1-yearContent/URL Filtering 1-yearComprehensive Anti-Spam Service 1-year8x5 Support 1-year24x7 Support 83201-SSC-481101-SSC-4817
SonicWALL TZ 215PowerLEDUSB PortsRetail/Branch OfficeActivityGigabitLAN PortTestLEDThe new SonicWALL TZ 215 is the mostsecure, highest performance Unified ThreatManagement (UTM) firewall available for smallbusinesses and branch offices. Designed forsmall businesses, distributed enterprises, branchoffices and retail deployments, the TZ 215integrates anti-malware, intrusion prevention,application control and URL filtering, drivingdown cost and complexity. It provides a dualcore architecture delivering full deep packetinspection (DPI) without diminishing networkperformance, thus eliminating bottlenecks thatother products introduce, enabling businessesto realize increased productivity gains. TheTZ 215 also provides application control toensure bandwidth for critical applications, whilethrottling non-productive ones. Advancednetworking features include multiple ISPfailover and load balancing, optional dual-bandsecure wireless, IPSec VPN support, networksegmentation and PCI compliance capabilities.Hardware DescriptionTZ 215 Hardware: WiredTZ 215 Hardware: Wireless-NTZ 215 Hardware: Wireless-N InternationalTZ 215 TotalSecure 1-yearTZ 215 Wireless-N TotalSecure 1-yearTZ 215 Wireless-N TotalSecure International 1-yearConsolePortGigabit EthernetInterfacesGigabitWAN PortSecurePowerResetSwitchGroundTZ nalog FailoverSecure Wireless ZoneSales 498201-SSC-498401-SSC-4986Protected Server NetworkService DescriptionComprehensive Gateway Security Suite 1-yearGateway Anti-Virus andIntrusion Prevention Service 1-yearContent/URL Filtering 1-yearComprehensive Anti-Spam Service 1-year8x5 Support 1-year24x7 Support 78701-SSC-476901-SSC-47755
FeaturesIntrusion PreventionSignature-based ScanningTightly integrated, signature-based intrusion prevention scans packet payloads for vulnerabilities andexploits that target critical internal systems.Automatic Signature UpdatesSonicWALL’s Research Team continuously updates and deploys an extensive list of over 5,400 IPS signaturescovering 52 attack categories. These signatures take immediate effect and do not require reboots or anyother interruption in service.Outbound Threat PreventionThe ability to inspect both inbound and outbound traffic ensures that the network will not unwittinglybe used in Distributed Denial of Service attacks and will prevent any Command and Control Botnetcommunication.Intra-Zone IPS ProtectionIntrusion prevention can be deployed between internal security zones to protect sensitive serversand to prevent internal attacks.VPNIPSec VPN for Site-to-siteConnectivityHigh-performance IPSec VPN allows the firewall to connect remote branch offices to a central location.SSL VPN or IPSec ClientRemote AccessUtilize clientless SSL VPN technology or an easy-to-manage IPSec client for easy access to email, files,computers, intranet sites and applications from a variety of platforms.Redundant VPN GatewayWhen using multiple WANs, a primary and secondary VPN can be configured to allow seamless automaticfailover and failback of all VPN sessions.Route-based VPNThe ability to perform dynamic routing over VPN links ensures continuous uptime in the event of atemporary VPN tunnel failure by seamlessly re-routing traffic between endpoints through alternate routes.Clean VPNSonicWALL Clean VPN both secures the integrity of VPN access and decontaminates malicious threatsbefore they can enter the corporate network.Gateway Threat PreventionGateway Anti-MalwareSonicWALL’s patented RFDPI engine scans all ports and protocols for viruses without file size or streamlength limitation. SonicLabs Researchers constantly provide updated threat protection, providing fasterresponse times and threat prevention.Reassembly-FreeDeep Packet (RFDPI)Reassembly-Free Deep Packet Inspection keeps track of malware regardless of the order or inspection timingwith which the packets arrive. This allows for extremely low latency while eliminating file and stream sizelimitations. This provides greater performance and security than outdated proxy designs which reassemblecontents using sockets bolted to traditional anti-virus programs and are plagued with inefficiencies and theoverhead of memory thrashing leading to high latency, low performance and size limitations.Cloud Anti-Virus (AV)Using the built-in RFDI engine, SonicWALL can leverage the power of the cloud to provide the most comprehensiveset of anti-malware signatures available, while minimizing latency or delay. The SonicWALL Cloud Anti-VirusService provides millions of additional malware signatures for inspection of executable files using the most up-todate information available.Bi-directional InspectionRFDPI can be performed on both inbound and outbound connections to provide protection in all networktraffic directions.24x7 Signature UpdatesSonicLabs Research Team team creates and updates signature databases that are propagated automaticallyto the firewalls in the field, with those signatures taking immediate effect without any reboot or serviceinterruption required.Firewall and Networking6Stateful Packet InspectionAll network traffic is inspected, analyzed and brought into compliance with firewall access policies.DOS Attack ProtectionSYN Flood protection provides defense against DOS attacks using both layer 3 SYN proxy and layer 2 SYNblacklisting technologies.Flexible DeploymentCan be deployed in traditional NAT and Layer 2 Bridge modes.Policy-based RoutingCreate routes based on protocol to direct traffic to a preferred WAN connection with the ability to fail backto a secondary WAN in the event of an outage.High AvailabilitySupports Active/Passive failover to ensure increased reliability by protecting against hardware or softwarefaults.WAN Load BalancingLoad balance up to four WAN interfaces using Round Robin, Spillover or Percentage based methods.WAN AccelerationWAN Acceleration decreases latency and increases transfer speeds between remote sites for even highernetwork efficiency gains.
FeaturesVoIPAdvanced QoSGuarantee critical communications with 802.1p and DSCP tagging and remapping of VoIP traffic onthe network.DPI of VoIP TrafficPredefined signatures detect and block VoIP specific threats.H.323 Gatekeeper andSIP Proxy SupportBlock spam calls by requiring that all incoming calls are authorized and authenticated by H.323 gatekeeperor SIP proxy.Management and MonitoringWeb GUIAn intuitive web-based interface allows quick and convenient configuration in addition to managementthrough SonicWALL Global Management System (GMS ), or the CLI.SNMPSNMP provides the ability to protectively monitor and respond to threats and alerts.Netflow/IPFIXExport an extended set of data through IPFIX or NetFlow protocols for granular insight into application traffic,bandwidth utilization and security threats in addition to powerful troubleshooting and forensics capabilities.Compatible with SonicWALL Scrutinizer and third-party monitoring and reporting applications. (TZ 215 only)Centralized Policy Management With SonicWALL GMS, monitor, configure and report on multiple SonicWALL appliances from a singleintuitive interface and customize your security environment to suit your individual policies.Application Intelligence and ControlApplication ControlIdentify and control applications or individual components of an application based on RFDPI technologyinstead of relying on well-known ports and protocols.Application BandwidthManagementAllocate bandwidth to critical applications while throttling unproductive application traffic for an efficientand productive network.Custom ApplicationIdentificationCreate and configure custom application identification based on traffic parameters or on patterns uniqueto an application in its network communications.Application Traffic AnalyticsProvides organizations with granular insight into application traffic, bandwidth utilization and securityin addition to powerful troubleshooting and forensics capabilities. (TZ 215 only)Application SignatureDatabaseA continuously expanding database of over 3,500 application signatures ensures that administrators are ableto control the usage of all the latest applications on their network at a category or individual level.User Activity TrackingUser identification is seamlessly integrated with Microsoft Active Directory and other authenticationsystems enabling tracking and reporting of individual user identification.GeoIP CountryTraffic IdentificationIdentify and control network traffic going to or coming from specific countries. (TZ 215 only)Firewall and NetworkingFirewalln Reassembly-Free Deep PacketInspectionn Stateful Packet Inspectionn DOS Attack Protectionn TCP Reassemblyn Stealth ModeApplication Controln Application Controln Application Component Blockingn Application BandwidthManagementn Custom Application SignatureCreationn AppFlow Visualizationn Data Leakage Preventionn IPFIX with Extensions Reportingn User Activity Trackingn GeoIP Country Traffic Identificationn Comprehensive ApplicationSignature DatabaseIntrusion PreventionSignature-based Scanningn Automatic Signature Updatesn Outbound Threat Preventionn IPS Exclusion Listn Hyperlinked Log Messagesn Unified CFS and App Control withBandwidth ThrottlingnAnti-Malwaren Stream-based Malware Scanningn Gateway Anti-Virusn Gateway Anti-Spywaren Cloud Anti-Virus ServiceVoIPn Advanced QoSn Bandwidth Managementn DPI of VoIP Trafficn Full Interoperabilityn H.323 Gatekeeper and SIPProxy SupportNetworkingDynamic Routingn Policy-based Routingn Advanced NATn DHCP Servern Bandwidth Managementn Link Aggregationn Port Redundancyn High Availabilityn IPv6 Readyn Load BalancingnManagement and Monitoringn Web GUIn Command Line Interfacen SNMPn Analyzer Reportingn Scrutinizer Reportingn GMS Policy Management andReportingn Loggingn Netflow/IPFixn App VisualizationCentralized Policy ManagementSingle Sign-Onn Terminal Service/Citrix SupportnnSecurity Servicesn Intrusion Prevention Servicen Gateway Anti-Malware Servicen Content Filtering Servicen Enforced Client Anti-Virus andAnti-Spyware Service – McAfee or Kaspersky optionsn Application Intelligence, Controland Visualization Service7
SpecificationsFirewallTZ 105 SeriesSonicOS Version1Stateful Throughput200 Mbps60 MbpsIPS Throughput 2GAV Throughput 240 Mbps25 MbpsUTM Throughput 2Maximum Connections 38,000Maximum UTM/DPI Connections8,000New Connections/Sec1,000Nodes SupportedDenial of Service Attack ProtectionSonicPoints Supported1TZ 205 SeriesTZ 215 SeriesSonicOS 5.8.1 and later500 Mbps500 Mbps80 Mbps110 Mbps60 Mbps70 Mbps40 Mbps60 22 classes of DoS, DDoS and scanning attacks216VPN75 Mbps100 Mbps130 Mbps3DES/AES Throughput 4Site-to-Site VPN Tunnels51020Bundled GVC Licenses (Maximum)0 (5)2 (10)2 (25)Bundled SSL VPN Licenses (Maximum)1 (5)1 (10)2 (10)Encryption/Authentication/DH GroupDES, 3DES, AES (128, 142, 256-bit), MD5, SHA-1/DH Group 1, 2, 5, 14Virtual Assist Bundled (Maximum)—1 (30-day trial)2 (30-day trial)Key ExchangeIKE, Manual Key, Certificates (X.509), L2TP over IPSecCertificate SupportVerisign, Thawte, Cybertrust, RSA Keon, Entrust and Microsoft CA for SonicWALL-to-SonicWALL VPN, SCEPVPN FeaturesDead Peer Detection, DHCP Over VPN, IPSec NAT Traversal, Redundant VPN Gateway, Route-based VPNGlobal VPN Client Platforms SupportedMicrosoft Windows XP, Vista 32/64-bit, Windows 7 32/64-bitSSL VPN PlatformsMicrosoft Windows
The SonicWALL TZ Series is the most secure Unified Threat Management (UTM) firewall for small businesses, retail deployments, government organizations, remote sites and branch offices. . segmentation, and also enables PCI compliance. The TZ Series is the only available UTM firewall th
