2. 2 SonicWALLConfidential
Dell SonicWALL’s legacy
1991 1996 2005 2007 2010 2011 2012
Founded
Became
leading
provider of
subscription
services on
optimized
appliances
Became the
leader in unit
share for
Unified Threat
Management
Firewall
appliances
Shipped one
million
appliances
worldwide
Named to
Visionaries
Quadrant,
Gartner Magic
Quadrant for
SSL VPN
Thoma Bravo and
SonicWall entered
into a partnership
Positioned as
“Leader” in
Gartner UTM
Magic Quadrant
Positioned as
“Visionary” in
Gartner SSL VPN
Magic Quadrant
Announced
SuperMassive™
E10000 Series
SNWL Earns
NNSLabs
Recommended
Rating for
NGFW SVM
Shipped two
million
appliances
worldwide
5/9: Joined the
Dell family
3. 3 SonicWALLConfidential
Magic Quadrant Unified Threat Management
Dell SonicWALL in Leaders Quadrant
By John Pescatore, Greg Young
challengers leaders
niche players visionaries
abilitytoexecute
completeness of vision
as of March 5, 2012
Dell SonicWALL
Fortinet
Check Point Software Technologies
WatchGuard
Sophos (Astaro)
Cyberoam
Netasq
Cisco
Juniper Networks
Netgear
Trustwave
gateProtect
Clavister
Kerio Technologies
Dell Vendor Profile
Excerpted from
MQ:
Strengths
•Dell has strong global partner and MSSP support.
•Dell SonicWALL is well-known in the UTM space and
appears frequently on Gartner client shortlists.
•The graphical elements of SonicWALL's management
interface are consistently highly rated.
•SonicWALL's release of new features has kept up with
midmarket needs, and has been matched by usability
enhancements.
Cautions
•SonicWALL's push into the high end with
SuperMassive may divert resources and focus from the
UTM market.
•SonicWALL does not offer a virtual appliance for the
UTM space.
5. 5 SonicWALLConfidential
Dell Connected Security
38B security
events analyzed
daily
1m devices WW
reporting on 40m
users
638B intrusions
prevented in 2011
$14 trillion in
assets protected
daily
40,000 new
malware samples
analyzed every
day
4.2B malware
attacks blocked in
2011
Data encrypted
and protected on
7m devices
Dell SonicWALL
Dell Dell Secureworks
Dell Credant
Dell KaceDell Quest
Dell is firmly
committed to
providing end-to-end
IT solutions that
enable customers to
grow and thrive. This
includes continuous
protection of
customers data,
applications,
systems and
networks.
6. Secure remote access
Email security
Policy & management
Hosted
Network security
Dell SonicWALL product portfolio
Clean wireless – SonicPoint-N Series
WAN acceleration
Application
Intelligence
and Control
GAV/ Anti- Spyware
Intrusion
Prevention
Comprehensive
Anti- Spam
Service
Enforced
Client
Anti- Virus
Content
Filtering
Service
Global
VPN
Client
SSL VPN
For Network
Security
Secure
Virtual Assist
Mobile
Connect
End Point
Control
Connect
Mobile
Spike License
Pack
Advanced
Reporting
Native Access
Module
Secure
Virtual Assist
Secure
Virtual Access
Secure
Virtual Meeting
Mobile
Connect
Web Application
Firewall
Email
Protection
Email
Anti- Virus
Email
Compliance
Global
Management System
Analyzer Scrutinizer
7. 7 SonicWALLConfidential
Dell SonicWALL Next-Gen Firewalls
SuperMassive
E10000 & 9000
Series
Data centers, ISPs
E-Class NSA Series
Medium to large
organizations
NSA Series
Branch offices and
medium sized
organizations
TZ Series
Small and
remote offices
E10200E10400E10800
NSA E8500 NSA E6500 NSA E5500NSA E8510
NSA 4600 NSA 3600 NSA 2400 NSA 250M NSA 220
TZ 205 TZ 105TZ 215
9600 9400 9200
NSA 5600 NSA 6600
8. Dell SonicWALL Next Generation Firewalls
SuperMassive E10800
SuperMassive E10400
SMB/Campus/Branch
Enterprise, Data Center
SuperMassive Series
TZ 215/W
TZ 205/W
TZ 105/W
SuperMassive 9600
SuperMassive 9400
SuperMassive 9200
TZ Series
NSA 4600
NSA 3600
NSA 2600
NSA 220/250M
NSA 6600
NSA 5600
NSA Series
9. 9 SonicWALLConfidential
E-Class Series Certifications
FIPS140-2
Common Criteria EAL4+
ICSA Firewall ICSA Enterprise Firewall
(IPv6, High Availability, VoIP)
IPv6 Phase 1
IPv6 Phase 2
NSSRecommended NGFW
(E10800 based on the same security engine)
13. 13 SonicWALLConfidential
Next Generation Firewall Technology
1. Stateful Packet Inspection
2. Intrusion Prevention
– The front- line network defense against application attacks
3. Application Identification & Visualization
– Can’t control what you can’t see
4. User Identification through Single Sign On (SSO)
– Correlate network traffic with users
5. Application Control
– Granular control (Allow Facebook, Block Social Gaming)
6. SSL Decryption
– Don’t allow threats to tunnel through encrypted channels
7. Threat Prevention
– Anti- X (Virus/Trojan/Malware)
DeepPacketInspection
14. 14 SonicWALLConfidential
Application Intelligence, Control and Visualization
Application Chaos
So many on Port 80
Critical Apps Prioritized Bandwidth
Acceptable Apps Managed Bandwidth
Unacceptable Apps Blocked
Identify
By Application
- Not by Port & Protocol
By User/Group
-Not by IP
By Content Inspection
-Not by Filename
Categorize
By Application
By Application Category
By Destination
By Content
By User/Group
Users/Groups
Ingress
Control
Prioritize Apps by Policy
Manage Apps by Policy
Block Apps by Policy
Detect and Block Malware
Detect & Prevent Intrusion Attempts
Policy
Visualize &
Manage Policy
Cloud-Based
Extra-Firewall
Intelligence
Egress
Malware Blocked
Massively Scalable
Next-Generation
Security Platform
High Performance Multi-Core
Re-Assembly Free
DPI
Visualization
17. 17 SonicWALLConfidential
Identify and Control Applications
Application
Library with over
3800 unique
Application Uses
Granular Control
Allow Facebook, Block
Farmville
Allow Chat, Block File Transfer
- Group/User Based
- Schedule Based
- Exceptions
22. 22 SonicWALLConfidential
RFDPI Engine with DPI-SSL
RFDPI Engine
Incoming SSL
Session
Handling
Ultra-Scalable TCP Stack
Decryption
Re-Encryption
Outgoing SSL
Session
Handling
SSL Stream out
SSL Stream in
23. 23 SonicWALLConfidential
SSL Decryption (DPI SSL) Details
• Does not rely on a proxy configuration
• Can inspect all SSL sessions on all ports independently of the
protocol (HTTPS, IM SSL, POP3 over SSL, etc…)
• Scans both SSL encrypted and decrypted data
• Can inject content such as block pages
• Client Side DPI-SSL Security Services
– Gateway Anti- Virus, Gateway Anti- Spyware, Intrusion Prevention,
Application Firewall, Content Filtering
• Server Side DPI-SSL Security Services
– Gateway Anti- Virus, Gateway Anti- Spyware, Intrusion Prevention,
Application Firewall
• Optional: decrypted traffic can be sent directly to the server after DPI
inspection. Benefit: SSL Offloading
25. 25 SonicWALLConfidential
Single Sign-On Overview
• SSO is a transparent user authentication that provides access to
network resources with a single login.
User Workstation
Authorized
passwrd123
No need for additional authentication!
Access Rules
Security Services
32. 32 SonicWALLConfidential
Route Based IPSec VPN
• Tunnel Interface: A Tunnel Interface can be defined between the two
end- points of the tunnel. Static routes will be used to route traffic
through the tunnel interface.
• Note: The Tunnel Interface must be bound to a physical interface
and the IP address of that physical interface is used as the source
address of the tunneled packet.
37. 37 SonicWALLConfidential
Top Deployments
1. Traditional NAT Gateway with Security & Remote Access
2. High Availability Modes
– Active/Passive with State Synchronization
– Active/Active DPI with State Synchronization
– Active/Active Clustering
3. In-Line Deployments: Wire mode or Layer 2 Bridge Mode, Tap Mode
– Easy Network Insertion, no network re- numbering
4. “Clean Wireless” Deployment
– Firewall as a wireless controller
– DPI on all wireless traffic
5. “CleanVPN” Deployment
– Firewall as a VPN Concentrator
– DPI on all incoming VPN traffic
6. VPN Concentrator for Distributed Enterprise
– Global Management System (GMS) to provision and manage branch offices
– Connectivity through central SuperMassive or E- Class NSA firewall
– All security done at the central site
7. Network Segmentation (Security Zones)
– Network Segmentation via VLAN & Security Zones
– Different Security policies for each Security Zone
38. 38 SonicWALLConfidential
Medium/Large Network Deployment with DPI Security
• Requirements
– Layered security
– Levels of trust created via defining
zones.
– Gateway Firewalls between zones.
– Context- aware security
– Enforce global Policy based on
context (user, location, access
method, Device, etc)
– Application- aware Security
– Mitigate Advance persistent threats
– Orchestrated Security management
– Workload Virtualization introduces
Virtual Access Layer
– Need security functions like physical
layer
• Security Functions
– ACLs, Firewalls, IDS/IPS
– host- based security (HIPS,
Vulnerability Scanning)
– Email Security
– Anti- Spyware
– Secure Remote Access
– SIEM/Log Monitoring
Virtual Access
Core
WAN
Aggregation
Access
Firewall,
IDS/IPS,
Gateway
services, …
• Security required at each layer to achieve global protection
• Virtual Access layer requires security enforcement within virtual environment
NSA Series
38
39. 39 SonicWALLConfidential
NGFW Wire & L2 Bridge Mode Deployment
NGFW insertion into a network with an existing gateway firewall
Layer 2 Bridge or Wire Mode Deployment
Discover application usage & threats leaking through the
traditional firewall
Before After
40. 40 SonicWALLConfidential
Flexible Wire Mode Deployment
Bypass Inspect Secure
Allows for the quick and relatively non interruptive introduction of
SuperMassive into a network (ie: between a core switch and a perimeter
firewall, in front of a VM server farm, at a transition point between data
classification domains).
Inspect Mode provides full visibility & low- risk, zero- latency packet path.
Secure Mode is the progression of Inspect Mode, actively interposing active
control into the packet processing path.