Transcript SonicWALL Protects

It’s A New World
The Business Impact
Most of your network traffic will be coming from outside the private network you are
trying to secure
2001: Network Perimeter
2008: Resource Perimeter
Customer or
Supplier
Behind a
Firewall
VOIP Users
Internal
Users
Corporate Data
Centers
Traveling
Executives
Employee
at a Kiosk
Employee Using
a Wireless
Hotspot
External Users
Customers or
Suppliers
Remote Access
2
CONFIDENTIAL All Rights Reserved
Corporate Data
Centers
Day
Extenders
Employee
PDA User
Fundamental Changes
in Technology
 Ubiquity of broadband
 Proliferation of mobile devices
 Rise in IP telephony
 Increased teleworking
3
CONFIDENTIAL All Rights Reserved
Enterprise-class Networking
Drivers & Trends
Business Drivers
Technology Trends
 Growth in real-time applications
 Reduction in operating costs
 SaaS / Web 2.0
 Focus on TCO
 Virtualization of services
 Mobilization of the workforce
 Data Center consolidation
 Compliance
 Outsourcing growth
 Gaining competitive advantage
Infrastructure Demands
 Growth in bandwidth; thirst for
unimpeded traffic routing
 Integration concerns
 Handling latency sensitive traffic
becomes challenging – voip, collab.
 De-perimeterization
4
4
The Communications Landscape Is Rapidly Evolving
CONFIDENTIAL All Rights Reserved
Your Users are Increasingly Out
of Your Control
Day
Extenders
Kiosks/Public
Machine Users
Home Office
Users
Traveling
Executives

Users

Devices

Network environments

Mobility

Remote access
Business
Partners/
Extranet Users
Wireless LAN
Users
VOIP Users
Network
Applications
and Resources
5
CONFIDENTIAL All Rights Reserved
PDA & Smart
Phone Users
Internal Users
External Users
Current Solutions Present Challenges
Solutions
Traffic
Application Access
3
Application Layer Threats
Proxy
Software Vulnerabilities
2
Worms
IDS/IDP
Basic Applications
Legacy System Access
1
Traditional Firewall
6

Lack of integration and correlation between solutions increases
management overhead, complexity and cost

Lowered performance and higher false positive rate; inability to
handle real-time traffic increases risk

Policy focuses on blocking ports rather than widespread
inspection of applications and application threats
CONFIDENTIAL All Rights Reserved
SonicWALL Solution Suite
Business Continuity
Content Security
Continous Data Protection
Email Security & CSM
Secure Wireless
Global Management
Remote Access
SonicPoint
GlobalManagementSystem
SSL-VPN
Network Security
7
CONFIDENTIAL All Rights Reserved
worldwide customer
more than 1 million appliances
8
CONFIDENTIAL All Rights Reserved
Enterprise-Products: SonicWALL E-Class
Network Security Appliance E5500
Network Security Appliance E6500
Network Security Appliance E7500
SonicWALL Aventail EX -750
SonicWALL Aventail EX-1600
SonicWALL Aventail EX-2500
Email Security ES 6000
Email Security ES 8000
GMS (Global Management System)
9
CONFIDENTIAL All Rights Reserved
SonicWALL NSA E-Class Series
E7500
E6500
E5500
 Enterprise-class Deep Packet
Inspection and Application Firewall
 Revolutionary Multi-Core
Performance
 Threat Protection over both External
RTDPI
RTDPI Engine
Engine Architecture
Architecture
and Internal Networks
+
+
Unified Threat Protection
Re-Assembly Free Design
 Integrated Business Continuity & High
Multi-Core
Availability Features
The SonicWALL® Network Security Appliance (NSA) Series - the first multicore Unified Threat Management (UTM) platform that delivers enterpriseclass deep packet inspection without compromising performance
10
CONFIDENTIAL All Rights Reserved
Next Generation E-Class Architecture
Enterprise-class
Requirements
1.
SonicWALL
Solution
Consolidated & Integrated
Security Technology
Multi-Tiered Protection Technology
2.
Inspection of Real-time &
Latency Sensitive
Applications/Traffic
Patented Re-Assembly Free Inspection
3.
11
Scalable & High Performing
Enough to Protect Against
Perimeter and Internal Network
Challenges
CONFIDENTIAL All Rights Reserved
Multi-Core High Perf. Architecture
E-Class Features/Benefits
1. Security Integration
2. Ultimate Connectivity
 Complete UTM Protection with Gateway
Anti-Virus, Anti-Spyware and IDP
 Next Generation Application Firewall
 Content & Application Filtering
 “Clean VPN” Protection
 Secure IPSec Site-to-Site VPN
Connectivity
 Exceptional User Policy Control and
Access to Resources
 Wireless Mobility
 Network Availability
3. Reliability & Optimization
4. Flexible Deployments
 Highly Redundant Hardware – Power/Fans
 One Point of Network Control
 Business Application Prioritization & QoS
 Integrated Server Load Balancing Feature-set
12
CONFIDENTIAL All Rights Reserved
 Data Center, Campus & Department
Network Applications
Transparent L2 Bridge Mode
 Integrated Wireless Switch Deployment
 Ease of Deployment & Management
NSA E-Class Series Overview
The NSA E Class is offered at three price points
NSA E7500
NSA E7500





The Ultimate in UTM, FW and VPN performance
5GB FW / 1GB UTM / 1.2 GB IPS
CPU: 16 Core 600Mhz – 9.6 Ghz of Processing Power
Interfaces: 4 Gig auto-sensing copper; 4 Gig SFP
Features: Information Center; Dual Power Supplies; Dual Redundant Fans
NSA E6500
NSA E6500





Best in Class UTM, FW and VPN performance
3GB FW / 750Mbps UTM / 850Mbps IPS
CPU: 16 Core 550Mhz – 8.8 Ghz of Processing Power
Interfaces: 8 Gig auto-sensing copper
Features: Information Center: Dual Redundant Fans
NSA E5500
NSA E5500
13
CONFIDENTIAL All Rights Reserved





Mid-Enterprise Performance & Value
2 GB FW / 400Mbps UTM / 550Mbps IPS
CPU: 8 Core 550Mhz – 4.4 Ghz of Processing Power
Interfaces: 8 Gig auto-sensing copper
Features: Information Center; Dual Redundant Fans
NSA Feature: Application Visibility


Traditional Firewalls can only determine port and protocol

Control, Block or bandwidth limit what applications are used on a per
user basis
SonicWALL’s Patented RFDPI Technology provides Application
Classification and Inspection
Non-Business Related
Business Related
Permit Business Related
HTTP
Corporate Network
IM
Internet
TCP
Email
Block or Bandwidth limit
SonicWALL Deep Intelligence
Network Visibility 
Deep Intelligence
Bandwidth
Intelligence
VPN
Reporting
Employee
Net Usage
Threat
Information
Top VPN
Users
Application
Usage
Bandwidth
Misuse
Pro-Active Alerting
Alert Your Staff
SonicWALL
UTM Appliance
IT Actionable Info
No Intelligence
VPN
Threats
Protocols
Attacks
End User Activities
HTTP
FTP
IM/P2P
Mail
Network Traffic
Potential Threats
SonicWALL UTM & ViewPoint Delivers Deeper Business Intelligence
15
CONFIDENTIAL All Rights Reserved
Best-of-Breed Performance

“This box offers 1.3Gbps of UTM performance, which
is nearly triple the speed of the fastest product in our
comparative UTM test last November “

“Overall, the E7500 provides a dramatic boost in speed
that makes UTM possible in enterprises needing
gigabit speeds.”
Joel Snyder
SonicWALL’s Performance Advantage
Patented Re-Assemble Free Deep Packet Inspection
Engine (RFDPI)
Multi-core architecture offers parallel processing for
increased scalability
On-chip security co-processing and hardware acceleration
**Competitive data obtained from vendor datasheet.
SonicWALL Email Security
IT Security Concerns
Top 5: Virus, Spyware, SPAM, Intrusion & Theft
18
CONFIDENTIAL All Rights Reserved
Spam
Many messages are obviously spam
19
CONFIDENTIAL All Rights Reserved
Is it Spam?
Other messages will be disagreed upon
20
CONFIDENTIAL All Rights Reserved
Phishing
Some emails are easy to determine as phish
21
CONFIDENTIAL All Rights Reserved
Phishing?
Sometimes it is hard to tell
22
CONFIDENTIAL All Rights Reserved
Outbound Risks and Compliance
•U.S. Federal: HIPAA, GLBA, SOX, Sec 17a-4, NASD3010, PATRIOT Act Section 326
•European: Safe Harbor, EU Data Protection Directive 95/46
•Organization: VISA CISP, MasterCard Site Data Protection Program, FERPA
•State: CA SB 1386 & AB 1950 / NY Bill A04254 / IL H.B. 1633
•Corporate: Prevent offensive language, add disclaimers, block files
•Many more…
All organizations need to be address compliance requirements
23
CONFIDENTIAL All Rights Reserved
Inbound and Outbound Threats
Threats Require Inbound and Outbound Protection
24
CONFIDENTIAL All Rights Reserved
Proliferation of Systems
Typical Mail Data Center
Management of Multiple Systems Becomes Complex
25
CONFIDENTIAL All Rights Reserved
Collect Worldwide Threat Data
26
CONFIDENTIAL All Rights Reserved
Analyze for Bad/Good Email Patterns
Bad Pattern
Good Pattern
50 people
40 million emails
… in 6 different countries
… sent by [email protected]
… receive a new attachment
… from 3 IP addresses
…that has never been seen before
… in Seattle
… within 30 minutes
… and never junked
Likely Virus
27
CONFIDENTIAL All Rights Reserved
Good Email
Cross Analyze Patterns with
Content Evaluation and Reputation
SonicWALL Determines a Definitive Judgment – Not Just a Score
28
CONFIDENTIAL All Rights Reserved
SonicWALL Email Security Stops
Today’s and Tomorrow’s Threats
Threats Evolve – SonicWALL Protects
29
CONFIDENTIAL All Rights Reserved
SonicWALL Email Security


Anti-Spam, Anti-Phishing, Anti-Virus
Compliance and Policy Management
 Appliance and Software options
 Works with any email system (SMTP)
 Unified inbound and outbound protection
 Installs in < 1 Hour…managed in < 10 minutes/week
 For businesses from Less than 50 users to Over 5000 Users
30
CONFIDENTIAL All Rights Reserved
Quick Configuration



31
CONFIDENTIAL All Rights Reserved
5 Steps to Configure
Full install in < 1 hour
High availability options
Anti-Spam, Anti-Phishing, Anti-Virus
 Complete protection
 Inbound/Outbound
 Spam, Virus, Phishing
 Zombies, DHA, DoS
 Automatic updates
 No rules to write
 Complete flexibility
 Per-user and per-group
32
CONFIDENTIAL All Rights Reserved
Administrative and End-User Junk Box

Web-based Junk Box
 Search, sort, preview
 View all threats

1-click UnJunk
 Retrieves
 Adds to allowed list
 Provides feedback
 Administrative, End-User
33
CONFIDENTIAL All Rights Reserved
Junk Box Summary
 Easy quarantine view
 Email summary
 Configurable





34
CONFIDENTIAL All Rights Reserved
Frequency
Specific time and day
11 languages
All or just questionable
Preview and UnJunk
 1-click
Email Policy & Compliance Approach
Robust tools to Identify, Monitor, and Enforce
35
CONFIDENTIAL All Rights Reserved
Policy and Compliance Management
 Powerful filters


36
CONFIDENTIAL All Rights Reserved
 Search any message part
 Scan within attachments
 Check for disguised text
 Match against dictionaries
 Judgment-based policies
15 action options
 Bounce, quarantine, log
 Add disclaimers
 Strip attachments
 Etc.
Apply to specific groups
 LDAP-based
Email Auditing
 Full email audit




All good mail
All bad mail
Inbound
Outbound
 Searchable
 From, To, Subject
 Today or multi-day
 Detailed information
 Per-recipient data
 Full audit trail
37
CONFIDENTIAL All Rights Reserved
Reporting and Monitoring
 25+ Web-based reports




Dashboard, System Status
Spam, Phishing, Virus
Policy and Compliance
Return-on-Investment
 Custom reports
 Emailed reports
 Schedulable reports
38
CONFIDENTIAL All Rights Reserved
Instant Deployment
39
CONFIDENTIAL All Rights Reserved
High Availability Deployment
40
CONFIDENTIAL All Rights Reserved
Thank you.
www.sonicwall.com