Transcription
Secure RemoteAccess SeriesEnable mobile and remote worker productivity whileprotecting from threatsThe Dell SonicWALL Secure RemoteAccess (SRA) Series provides mobileand remote workers using smartphones,tablets or laptops — whether managedor unmanaged BYOD — with fast, easy,policy-enforced access to missioncritical applications, data and resources,without compromising security.For mobile devices, the solutionincludes the intuitive Dell SonicWALLMobile Connect app that provides iOS,Android, Kindle Fire, Windows, and MacOS X devices secure access to allowednetwork resources, including sharedfolders, client-server applications,intranet sites and email.Users and IT administrators candownload the Mobile Connect appvia the Apple App Store, Google Playand the Kindle store and Windows 8.1smartphones, tablets and laptops shippre-installed with the MobileConnect app. The solution alsosupports clientless, secure browseraccess, including support for industrystandard HTML 5 browsers and thinclient VPN access for PCs and laptops,including Windows, Mac OS X andLinux computers.To protect from rogue access andmalware, the SRA Series applianceconnects only authorized users andtrusted devices to permitted resources.When integrated with a Dell SonicWALLnext-generation firewall as a CleanVPN, the combined solution deliverscentralized access control, malwareprotection, application control andcontent filtering. The multi-layeredprotection of Clean VPN decryptsand decontaminates all authorizedSSL VPN traffic before it enters thenetwork environment.Why you need SRAThe proliferation of mobile devicesin the workplace has increasedthe demand for secure access tomission-critical applications, data andresources. Granting that access offersimportant productivity benefits to theorganization, but introduces significantrisks as well.For example, an unauthorized personmight access company resources usinga lost or stolen device; an employee’smobile device might act as a conduitto infect the network with malware; orcorporate data might be intercepted overthird-party wireless networks. Also, loss ofbusiness data stored on devices can occurif rogue personal apps or unauthorizedusers gain access to that data.Benefits: Securing these devices is becomingincreasingly difficult, as organizationsmay no longer influence deviceselection or control devicemanagement. Organizations mustimplement solutions that safeguardaccess to ensure only authorized usersand devices that meet security policyare granted network access, and thatcompany data in-flight and at rest onthe device are secure. Unfortunately,this often involves complex multi-boxsolutions from multiple vendors andadds significantly to the total cost ofownership behind providing mobileaccess. Organizations are lookingfor easy-to-use, cost-effective andsecure mobile access solutions thataddress the needs of their increasinglymobile workforces. Single access gateway to all networkresources, via mobile app, clientlessor web-delivered clients, works tolower IT overhead and TCOCommon user experience across alloperating systems facilitates ease ofuse from any endpointMobile Connect app for iOS,Android, Windows 8.1 and Mac OS Xoffers mobile device ease of useContext aware authenticationensures only authorized usersand trusted mobile devices aregranted accessOne-click secure intranet file browseand on-device data protectionAdaptive addressing and routingdeploys appropriate access methodsand security levelsSetup wizard makes deployment easyEfficient object-based policymanagement of all users, groups,resources and devicesWeb Application Firewall enablesPCI compliance
FeaturesFast, easy, policyenforced accessto mission-criticalapplications, data andresources, withoutcompromisingsecurity.Single access gateway for mobile app,clientless or web-delivered clients —SRA lowers IT costs by enabling networkmanagers to easily deploy and managea single secure access gateway thatextends remote access via SSL VPN forboth internal and external users to allnetwork resources — including webbased, client/server, host-based (suchas virtual desktop) and back-connectapplications (such as VoIP). SRAs areeither clientless with browser access tothe customizable SRA Workplace portalor use mobile apps or lightweight webdelivered clients, reducing managementoverhead and support calls.Common user experience across alloperating systems — SRA technologyprovides transparent access tonetwork resources from any networkenvironment or device. An SRA providesa single gateway for smartphone,tablet, laptop and desktop access anda common user experience across alloperating systems — including Windows,Mac OS X, iOS, Android, Kindle and Linux— from managed or unmanaged devices.Mobile Connect app — Mobile Connectapp for iOS, Mac OS X, Android, Kindleand Windows 8.1 mobile devicesprovides users with easy, network-levelaccess to corporate and academicresources over encrypted SSL VPNconnections. Mobile Connect is easilydownloadable from the Apple AppStore, Google Play or Kindle store andembedded with Windows 8.1 devices.Context awareness — Access to thecorporate network is granted only afterthe user has been authenticated andmobile device integrity has been verified.Protects data at rest on mobiledevices — Authenticated users cansecurely browse and view allowedintranet file shares and files from withinthe Mobile Connect app. Administratorscan establish and enforce mobileapplication management policy.Adaptive addressing and routing —Adaptive addressing and routingdynamically adapts to networks,eliminating conflicts common withother solutions.Setup wizard — All SRAs are easy toset up and deploy in just minutes. Theset-up wizard provides an easy, intuitive“out-of-the-box” experience with rapidinstallation and deployment.Unified policy — SRA unified policyoffers easy, object-based policymanagement of all users, groups,resources and devices whileenforcing granular control basedon both user authentication andendpoint interrogation.
Dell SonicWALL SRA Series –anytime, anywhere accessSimple, secure mobile accessto resourcesThe SRA Series can be used to provideWindows, Mac OS X, iOS, Linux, Androidand Kindle users with access to a broadrange of resources.Granular access to authorized usersThe SRA Series extends secure mobileand remote access beyond managedemployees to unmanaged mobileand remote employees, partnersand customers by employing policyenforced fine-grained access controls.Employee oncorporate laptopin hotelEmployee onhome computerEmployee onsmartphone/tabletEmployeeat kioskAuthorizedpartnerTightly controlledand managed byIT departmentAuthorizedcustomerNot controlledand managed byIT departmentInternetCorporate LANFiles andapplicationsDell SonicWALL SRAat corporate networkIntranetUser desktopOther serversand applicationsCitrix PresentationServers (ICA) andMicrosoft terminalserversOther desktops
Easy-to-use, costeffective and securemobile access thataddresses the needsof your increasinglymobile workforce.Context-aware authenticationBest-in-class, context-awareauthentication grants access only totrusted devices and authorized users.Mobile devices are interrogated foressential security information suchas jailbreak or root status, device ID,certificate status and OS versions priorto granting access. Laptops and PCsare also interrogated for the presenceor absence of security software, clientcertificates, and device ID. Devices thatdo not meet policy requirements are notallowed network access and the user isnotified of non-compliance.Protection of data at rest onmobile devicesAuthenticated Mobile Connect userscan securely browse and view allowedintranet file shares and files from withinthe Mobile Connect app. Administratorscan establish and enforce mobileapplication management policy for theMobile Connect app to control whetherfiles viewed can be opened in otherapps (iOS 7 and newer), copied to theclipboard, printed or cached securelywithin the Mobile Connect app. For iOS 7and newer, this allows administrators toisolate business data from personal datastored on the device and reduces therisk of data loss. In addition, if the user’scredentials are revoked, content storedin the Mobile Connect app is locked andcan no longer be accessed or viewed.Clean VPNWhen deployed with a Dell SonicWALLnext-generation firewall, MobileConnect establishes a Clean VPN, anextra layer of protection that decryptsand scans all SSL VPN traffic for malwarebefore it enters the network.Web Application Firewall andPCI complianceThe Dell SonicWALL Web ApplicationFirewall Service offers businesses acomplete, affordable, well integratedcompliance solution for web-basedapplications that is easy to manage anddeploy. It supports OWASP Top Tenand PCI DSS compliance, providingprotection against injection and crosssite scripting attacks (XSS), credit cardand Social Security number theft, cookietampering and cross-site request forgery(CSRF). Dynamic signature updatesand custom rules protect againstknown and unknown vulnerabilities.Web Application Firewall can detectsophisticated web-based attacks andprotect web applications (includingSSL VPN portals), deny access upondetecting web application malware,and redirect users to an explanatoryerror page. It provides an easy-todeploy offering with advanced statisticsand reporting options for meetingcompliance mandates.
Personalizedweb portal3Corporate LAN3 Files andapplicationsDell SonicWALLSRA Appliance1IntranetUser desktopDecryptedtraffic2InternetEncryptedSSL trafficUnified threatmanagementscanningRemote userIncoming traffic is seamlesslyforwarded by the Dell SonicWALL NSA orTZ Series firewall to the Dell SonicWALLSRA appliance, which decrypts andauthenticates network traffic.1Users are authenticated using theonboard database or through third-partyauthentication methods such as LDAP,2Simple to manageSRA Series solutions feature unifiedpolicy and an intuitive web-basedmanagement interface that offerscontext-sensitive help to enhanceusability. In addition, multiple productscan be centrally managed using the DellSonicWALL Global Management System(GMS 4.0 ). Resource access via theproducts can be effortlessly monitoredusing the Dell SonicWALL Analyzerreporting tool.4Dell SonicWALLNSA or TZ firewallOtherservers andapplicationsActive Directory, Radius, DellDefender and other two-factorauthentication solutions.A personalized web portal providesaccess to only those resources thatthe user is authorized to view based oncompany policies.3Citrix XenAppOtherand Microsoftdesktopsterminal serversActiveDirectory,RADIUS,LDAP orlocaldatabaseTo create a Clean VPN environment,traffic is passed through to the NSA orTZ Series firewall (running gateway antivirus, anti-spyware, intrusion prevention,and application intelligence and control),where it is fully inspected for viruses,worms, Trojans, spyware and othersophisticated threats.4
SpecificationsDell SonicWALL SRA SeriesPerformanceSRA 1600SRA4600SRA Virtual ApplianceRecommended for organizations with50 or fewer employeesRecommended for organizations with250 or fewer employeesRecommended for organizations ofany sizeConcurrent user licenseStarts with 5 concurrent users.Additional user licenses available in 5and 10 user increments.Starts with 25 users. Additional userlicences are available in 10, 25 and 100user incrementsUser licenses available in 5, 10, and 25user incrementsUser /50-licensableSecure Virtual Assist technicians30-day trial-included/10-concurrenttechnicians maximum30-day trial-included/25-concurrenttechnicians maximum30-day trial-included/25-concurrenttechnicians maximum7575Maximum allowable Meeting participants–Unified policyYes. Also supports policies which have multiple AD groupsLoggingDetailed logging in an easy-to-read format, Syslog supported email alertsSingle-arm modeYesYesDell SonicWALL Secure Virtual Assist or SecureVirtual Access (licensed together)Connection to remote PC, chat, FTP, session recording and diagnostic toolsSecure Virtual MeetingInstantly brings meeting participants together securely and cost-effectively2YesIPv6 supportBasicLoad balancingHTTP/HTTPS load balancing with failover. Mechanisms include weighted requests, weighted traffic, least requestsHigh Availability–YesYesApplication offloadingYesYesYesWeb Application FirewallYesYesYesEnd Point Control (EPC)YesYesYesGeolocation-based policies 4YesYesYesBotnet filteringYesYesYes4BasicBasicKey featuresApplications supported3 Web portal access: Supports HTML5, proxy and application offloadingWeb services: HTTP, HTTPS, FTP, SSH, Telnet, VNC, Windows file sharing (Windows SMB/CIFS), OWA 2003/2007/2010Virtual Desktop Infrastructure (VDI): Citrix (ICA), RDPMobile Connect and NetExtender: Any TCP/IP based application: ICMP, VoIP, IMAP, POP, SMTP, etc.EncryptionARC4 (128), MD5, SHA-1, SHA-256, SHA-384, SSLv3, TLSv1, TLS 1.1, TLS 1.2, 3DES (168, 256), AES (256), RSA, DHEAuthenticationDell Quest Defender, other two-factor authentication solutions, One-time Passwords, Internal user database, RADIUS, LDAP,Microsoft Active Directory and Single Sign On (SSO) for most web based apps, RDP and VNC 3Multiple domain supportYesMultiple portal supportYesFine grain access controlAt the user, user group and network resource levelSession securityInactivity timeouts prevent unauthorized use of inactive sessionsCertificates Server: Self-signed with editable common name and imported from third parties Client: Optional client certificates supportedCache cleanerConfigurable. Upon logout all cached downloads, cookies and URLs downloaded through the SSL tunnel are erased from theremote computerClient support 3 Web portal access: Internet Explorer, Mozilla, Chrome, Opera, and Safari browsers NetExtender: Windows 2003, 2008, XP/Vista (32-bit and 64-bit), 7 (32-bit and 64-bit), 8 (32-bit and 64-bit), Mac OS X 10.4 ,Linux Fedora Core 3 / Ubuntu 7 / OpenSUSE, Linux 64-bit Mobile Connect: iOS 4.2 and higher, OS X 10.9 and higher, Android 4.0 and higher, Kindle Fire running Android 4.0 and higherand Windows 8.1Personalized portalThe remote user sees only those resources that the administrator has granted access to based on company policyManagementWeb GUI (HTTP, HTTPS), Send syslog and heartbeat messages to GMS (4.0 and higher) SNMP SupportUsage monitoringGraphical monitoring of memory, CPU, users and bandwidth usageThe recommended number of users supported is based on factors such as access mechanisms, applications accessed and application traffic being sent.Available in conjunction with Secure Virtual Assist for SRA 4600 and SRA Virtual Appliances only.Refer to the latest SRA release notes and admin guide for supported configurations.4Botnet filtering and Geolocation-based policies require an active support contract to be in place on the hardware or virtual appliance.123
Dell SonicWALL SRA for SMB SeriesHardwareSRA 1600SRA4600Hardened security applianceYesYesInterfaces(2) gigabit Ethernet, (2) USB, (1) console(4) gigabit Ethernet, (2) USB, (1) consoleProcessorsx86 main processorx86 main processorMemory (RAM)1 GB2 GBFlash memory1 GB1 GBPower supply/inputInternal, 100-240VAC, 50-60MHzInternal, 100-240VAC, 50-60MHzMax power consumption47 W50 WTotal heat dissipation158.0 BTU171.0 BTUDimensions17.00 x 10.13 x 1.75 in43.18 x 25.73 x 4.45 cm17.00 x 10.13 x 1.75 in43.18 x 25.73 x 4.45 cmAppliance weight9.50 lbs4.30 kg9.50 lbs4.30 kgsWEEE weight10.0 lbs4.50 kg10.0 lbs4.50 kgsMajor regulatory complianceFCC Class A, ICES Class A, CE, C-Tick, VCCI Class A, KCC, ANATEL, BSMI, NOM, UL, cUL, TUV/GS, CBEnvironmentMTBF32-105 F, 0-40 CHumidity 5-95% RH, non-condensing18.3 years17.8 yearsSRA Virtual ApplianceSRA virtual appliance virtualized environmentrequirements (Minimum)Hypervisor: VMWare ESXi and ESX (version 4.0 and newer)Appliance size (on disk): 2 GBAllocated memory: 2 GBFor more information on Dell SonicWALL SecureRemote Access solutions, visit www.sonicwall.com.SRA 1600, 5 user. 01-SCC-6594SRA 1600 additional users (50 user maximum)Add 5 Concurrent users.01-SSC-7138Add 10 Concurrent users.01-SSC-7139SRA 1600 supportDell SonicWALL Dynamic Support24x7 for up to 25 Users (1-year). 01-SSC-7141Dell SonicWALL Dynamic Support8x5 for up to 25 Users (1-year).01-SSC-7144Dell SonicWALL SRA Virtual Appliance,5 User.01-SSC-8469SRA virtual appliance additional users(50 user maximum)Add 5 concurrent users. 01-SSC-9182Add 10 concurrent users. 01-SSC-9183Add 25 concurrent users. 01-SSC-9184SRA Virtual Appliance supportDell SonicWALL Dynamic Support8x5 for up to 25 users (1-year). 01-SSC-9188Dell SonicWALL Dynamic Support24x7 for up to 25 users (1-year).01-SSC-9191Dell SonicWALL Dynamic Support8x5 for up to 50 users (1-year). 01-SSC-9194SRA 4600, 25 user .01-SSC-6596SRA 4600 additional users (500 user maximum)Add 10 Concurrent Users. 01-SSC-7118Add 25 Concurrent Users. 01-SSC-7119Add 100 Concurrent Users.01-SSC-7120Dell SonicWALL Dynamic Support24x7 for up to 50 users (1-year).01-SSC-9197For more informationDell SonicWALL5455 Great America ParkwaySanta Clara, CA 95054-3645SRA 4600 SupportDell SonicWALL Dynamic Support24x7 for up to 100 Users (1-year).01-SSC-7123Dell SonicWALL Dynamic Support8x5 for up to 100 users (1-year).01-SSC-7126www.sonicwall.comT 1 408.745.9600F 1 408.745.9300Dell SonicWALL Dynamic Support24x7 for 101 to 500 users (1-year).01-SSC-7129Dell SonicWALL Dynamic Support8x5 for 101 to 500 users (1-year). 01-SSC-7132Dell Software5 Polaris Way, Aliso Viejo, CA 92656 www.dell.comIf you are located outside North America, you can find localoffice information on our Web site. 2015 Dell, Inc. ALL RIGHTS RESERVED. Dell, Dell Software, the Dell Software logo and products—asidentified in this document—are registered trademarks of Dell, Inc. in the U.S.A. and/or other countries.All other trademarks and registered trademarks are property of their respective owners.DataSheet-SonicWALL-SRASeries-US-VG-25825
using the Dell SonicWALL Analyzer reporting tool. Performance SRA 1600 SRA4600 SRA Virtual Appliance Recommended for organizations with . Concurrent user license Starts with 5 concurrent users. Additional user licenses available in 5 and 10 user increments. Starts with 25 users. Addition
