Dell presentation template Standard 4:3 layout
Download
Report
Transcript Dell presentation template Standard 4:3 layout
Protection from Next Gen
Threats
Pralobh Menon
Dell India Pvt Ltd
Pralobh Menon
Sales Engineer DELL SonicWALL (South)
Solutions Road Show 2014
March’ 2014 | India
DELL SonicWALL solutions
1. Next Generation firewalls
2. Secure Remote Access (SSL-VPN)
3. Reporting & Management
2
Confidential
Solutions Road Show 2014
March’ 2014 | India
Dell SonicWALL Product Portfolio
Network security
Mobile
Connect
Clean wireless – SonicPoint-N Series
WAN acceleration
Secure remote access
Mobile
Connect
Email security
Hosted
Policy & management
3
Confidential
Solutions Road Show 2014
March’ 2014 | India
Dell SonicWALL
Firewalls
4
Confidential
Solutions Road Show 2014
March’ 2014 | India
Dell SonicWALL NGFW lineup
Enterprise, data center
Dell SonicWALL SuperMassive Series
SMB/campus/branch
Dell SonicWALL
NSA Series
Dell SonicWALL
TZ Series
TZ 215
TZ 205
TZ 105
5
Confidential
NSA 6600
NSA 5600
NSA 4600
SuperMassive 9600
SuperMassive 9400
SuperMassive 9200
SuperMassive E10800
SuperMassive E10400
SuperMassive E10200
NSA 3600
NSA 2600
NSA 250M/220
Solutions Road Show 2014
March’ 2014 | India
Looking at the box - Front
6
Confidential
Solutions Road Show 2014
March’ 2014 | India
Looking at the box - Back
7
Confidential
Solutions Road Show 2014
March’ 2014 | India
Network Traffic Visualization
Bandwidth
Breakdown
App Traffic
Drilldown
Real-time Traffic Breakdown
User Traffic
Consumption
Identify
P2P Traffic
8
Dell SonicWALL next-generation firewall
Identify
By Application
- Not by Port & Protocol
By User/Group
-Not by IP
By Content Inspection
-Not by Filename
Categorize
Control
Prioritize Apps by Policy
Manage Apps by Policy
Block Apps by Policy
Detect and Block Malware
Detect & Prevent Intrusion Attempts
By Application
By Application Category
By Destination
By Content
By User/Group
Policy
Users/Groups
Critical Apps
Application Chaos
Reassembly-Free
Deep Packet Inspection
Ingress
Acceptable Apps
Egress
Unacceptable Apps
Cloud-Based
Extra-Firewall
Intelligence
9
Confidential
Malware Blocked
Solutions Road Show 2014
March’ 2014 | India
Application Intelligence
10
Confidential
Solutions Road Show 2014
March’ 2014 | India
Advanced App Control
Application
Library with over
4235 unique
Application Uses
Granular Control
Allow Facebook, Block
BitTorrent
Allow Chat, Block File
Transfer
- Group/User Based
- Schedule Based
- Exceptions
11
Confidential
Solutions Road Show 2014
March’ 2014 | India
Geo-IP Filter
Block traffic from
Hostile Countries
12
Confidential
1 Confidential
Solutions Road Show 2014
March’ 2014 | India
SonicWALL On-Board DPI Security Services
Intrusion Prevention
Gateway Anti-Virus
Gateway Anti-Spyware
Cloud-AV
Content/URL Filtering
DPI SSL (SSL Inspection)
Application Intelligence & Control
Application Visualization
Comprehensive Anti-Spam
13
Confidential
Solutions Road Show 2014
March’ 2014 | India
NGFW Wire & L2 Bridge Mode Deployment
NGFW insertion into a network with an existing gateway firewall
Layer 2 Bridge or Wire Mode Deployment
Before
After
Discover application usage & threats leaking through the
traditional firewall
14
Confidential
Solutions Road Show 2014
March’ 2014 | India
Next Generation Firewall (NGFW)
Breaks the malware cycle
SSL Decryption
URL
Filtering
Intrusion
Prevention
Network
Anti-Virus
Cloud
Anti-Virus
Botnet
Filtering
15
Confidential
Page Visit
Compromised
“Good” Site
Exploit
Malware Request
Malware
Hosting Site
Malware
Solutions Road Show 2014
March’ 2014 | India
Introducing the SuperMassive 9000 Series
Industry leading performance and PSC
in an elegant, 1RU design
Industry leading
power, space, and
cooling all in an
elegant 1 rack unit
design.
16
Confidential
The NGFW
specifically
engineered for
10Gb+ enterprise
networks.
Capable of scaling to
meet the high DPI
performance and low
latency demands of
the world’s largest
data centers and
carriers.
The NGFW is
designed to deliver
deep security to your
enterprise at multigigabit speeds
Solutions Road Show 2014
March’ 2014 | India
Performance
17
Confidential
SuperMassive 9600
•
•
•
•
9.7 Gbps IPS & Application Control
20 Gbps Firewall Throughput
5 Gbps Threat Prevention
32x1.2 Ghz, 32 GB Ram
SuperMassive 9400
•
•
•
•
8 Gbps IPS & Application Control
20 Gbps Firewall Throughput
4.5 Gbps Threat Prevention
32x1.2 Ghz, 16 GB Ram
SuperMassive 9200
•
•
•
•
5.0 Gbps IPS & Application Control
10 Gbps Firewall Throughput
3.5 Gbps Threat Prevention
24x1.0 Ghz, 8 GB Ram
Solutions Road Show 2014
March’ 2014 | India
Performance
18
Confidential
•
•
•
•
4.5 Gbps IPS & Application Control
12 Gbps Firewall Throughput
3 Gbps DPI Throughput
24 x 1Ghz, 4 GB RAM
•
•
•
•
3 Gbps IPS & Application Control
9 Gbps Firewall Throughput
1.6 Gbps DPI Throughput
10 x 1.3Ghz, 4 GB RAM
•
•
•
•
2 Gbps IPS & Application Control
6 Gbps Firewall Throughput
800 Mbps DPI Throughput
8 x 1.1Ghz, 2 GB RAM
•
•
•
•
1.1 Gbps IPS & Application Control
3.4 Gbps Firewall Throughput
500 Mbps DPI Throughput
6 x 800Mhz, 2 GB RAM
Solutions Road Show 2014
March’ 2014 | India
Multicore
E10200
24 Cores
E10400
48 Cores
19
Confidential
E10800
96 Cores
Solutions Road Show 2014
March’ 2014 | India
Top Deployments
1. Traditional NAT Gateway with Security & Remote Access
2. High Availability Modes
– Active/Passive with State Synchronization
– Active/Active DPI with State Synchronization
– Active/Active Clustering
3. In-Line Deployments: Wire mode or Layer 2 Bridge Mode, Tap Mode
– Easy Network Insertion, no network re-numbering
4. “Clean Wireless” Deployment
– Firewall as a wireless controller
– DPI on all wireless traffic
5. “CleanVPN” Deployment
– Firewall as a VPN Concentrator
– DPI on all incoming VPN traffic
6. VPN Concentrator for Distributed Enterprise
– Global Management System (GMS) to provision and manage branch offices
– Connectivity through central SuperMassive or E-Class NSA firewall
– All security done at the central site
7. Network Segmentation (Security Zones)
– Network Segmentation via VLAN & Security Zones
– Different Security policies for each Security Zone
20
Confidential
Solutions Road Show 2014
March’ 2014 | India
Flexible Wire Mode Deployment
Bypass
Inspect
Secure
Allows for the quick and relatively non interruptive introduction of
SuperMassive into a network (ie: between a core switch and a
perimeter firewall, in front of a VM server farm, at a transition point
between data classification domains).
Inspect Mode provides full visibility & low-risk, zero-latency packet
path.
Secure Mode is the progression of Inspect Mode,
actively interposing
Solutions Road Show 2014
21
active control into the packet processing path.
Confidential
March’ 2014 | India
Secure Remote
Access
22
Confidential
Solutions Road Show 2014
March’ 2014 | India
Dell SonicWALL Secure Remote Access
E-Class
Secure
Remote
Access
Series
SRA EX9000
Mobile
Connect
Secure
Remote
Access
Series
Connect
Mobile
SRA EX7000
Spike
License
SRA 4200
Mobile
Connect
Secure Virtual
Access
End Point
Control
SRA EX6000
Secure Virtual
Assist
SRA 1200
Secure Virtual
Assist
Secure Virtual
Meeting
Virtual Appliance
Advanced
Reporting
Native Access
Modules
Spike License
Protect –
unified policy
limits user
access to
authorized
applications
only
Connect –
smart access
and tunneling
ensure easy,
secure access
to all network
resources
Virtual Appliance
Web App
Firewall
Detect –
granular endpoint control
detects identity
and security
state
End Point
Control
Secure remote access for all users, devices and applications
23
Confidential
Solutions Road Show 2014
March’ 2014 | India
Perimeter is starting to Fade.
Mobility trends are putting endpoints Increasingly Out of
IT Control
Business
Partners/
Extranet Users
PDA & Smart
Phone Users
Day
Extenders
Home Office
Users
Internal Users
Traveling
Executives
Saas, Web 2.0
Real-Time Apps
Kiosks/Public
Machine Users
VOIP Users
Wireless LAN
Users
24
Confidential
Solutions Road Show 2014
March’ 2014 | India
The Dell SonicWALL Aventail approach to
Secure Remote Access
Detect
Detect what is running on
the end point device
Protect
Protect applications with
granular access control based
on user identity and device
integrity
Connect
Connect
Connect users securely and
easily to applications on any
device
Remote Access
Traveling
Employee
Employee
at a
Kiosk
Dell SonicWALL SSL
VPN Solution
Day
Extender
Employee
Using a
Wireless
Hotspot
Employee
Smart
Phones/
Tablets
Corporate Perimeter
Directories
Applications
LDAP
Web Apps
Client/Server Apps
LDAP
AD
RADIUS
Extranet Access
File Shares
Databases
VoIP
VDI Infrastructure
Internal Access
Customer/Supplier
Behind a Firewall
Business Partner
from any Browser
Internal Users
25
Confidential
Solutions Road Show 2014
March’ 2014 | India
Connect: Smart access to unmanaged
devices
Welcome to the myCompany Remote Access Portal
WorkPlace access: Access to web-based and client/
server applications from virtually any device.
26
Confidential
Solutions Road Show 2014
March’ 2014 | India
Detect: EPC for iOS/Android Devices
EPC options for iOS
• Determine jailbreak status
• DeviceID (Based on the UDID of the
iOS device)
• Certificate enforcement
• OS version control
EPC options for Android
• Determine root status
• DeviceID (Based on the IMEI of the
Android device)
• Certificate enforcement
• OS version control
• Enforcement of anti-virus
27
Confidential
Solutions Road Show 2014
March’ 2014 | India
Connect: Dell SonicWALL Mobile Connect
• Unified client app supporting SSL VPN connectivity to the E-Class SRA, SRA
and Next-Generation Firewall solutions
• Determine if the device is Jailbroken or rooted (E-Class SRA Only)
• Unified policy controls to limit access from Android or iOS enabled devices
• Easily downloadable from Google play or App Store for iOS
iOS
Dell SonicWALL SSL
VPN Solution
Corporate Perimeter
Directories
Applications
LDAP
Web Apps
Client/Server Apps
Internet
Android
28
Confidential
LDAP
AD
RADIUS
File Shares
Databases
VoIP
VDI Infrastructure
Solutions Road Show 2014
March’ 2014 | India
Mobile Connect for iOS / Android
Dell Aventail E-Class
SRA Appliances
Step 1:
Download
Mobile Connect
Step 3: Configure SSL
VPN Connection
Dell SonicWALL
SRA Appliances
Dell SonicWALL NextGeneration Firewalls
Step 2:Install
Mobile Connect
29
Confidential
Solutions Road Show 2014
March’ 2014 | India
Management
and Reporting
30
Confidential
Solutions Road Show 2014
March’ 2014 | India
Management and reporting
Analyzer
GMS 7.0
Scrutinizer
Reporting & Analytics Reporting & Analytics,
Flow Analytics
Policy Management,
Monitoring
for
for
for
SonicWALL firewall, SonicWALL firewall, SonicWALL firewalls,
Solutions
Road Show 2014
Confidential
CDP,
and SRA appliances
CDP, SRA, email security
3rd party
routers,
switc
March’ 2014
| India
31
GMS 7.0 & Analyzer –
Application traffic analytics
Trouble shooting, forensics, app usage reports for customers
32
.
Confidential
Solutions Road Show 2014
March’ 2014 | India
3rd Party
Validation
34
Confidential
Solutions Road Show 2014
March’ 2014 | India
The NSS Security Value Map
Summary of 2013
NGFW testing results
from
www.nsslabs.com
Classification
- Recommended
- Caution
- 2xNeutral
Final Product Rating
near the name of the
product
35
Confidential
Lines
signify
Solutions
Road Show 2014
March’ 2014 | India
corrections
due to
UTM Firewall 2012 Magic
Quadrant (March 2012)
–SonicWALL was positioned in
the Leaders Quadrant for
2012
Fast-Forwarding Firewall Face-Off
(April 2012)
–Best Overall Performance for NGFW
–Best Overall Performance for UTM
–Best Overall Performance for SSL Decryption
36
Confidential
Solutions Road Show 2014
March’ 2014 | India
Q&A
37
Confidential
Solutions Road Show 2014
March’ 2014 | India
Thank You
38
Confidential
Solutions Road Show 2014
March’ 2014 | India