Transcript NSA 2400MX Overview

NSA 2400MX Partner Overview
Name
Title
Email
Phone
SonicWALL Network Security
Portfolio - 2010
NSA E7500
NSA E6500
NSA 4500
TZ 210 Series
NSA 3500
TZ 100/200 Series
NSA 2400
NSA E5500
NSA 240
2
For SonicWALL Partner Use All Rights Reserved
SonicPoint-N
Drivers & Trends
Business Drivers
Technology Trends
 Reduction in operating costs
 Growth in real-time & Internet-based
applications & communication
 Focus on TCO
 SaaS / Web 2.0
 Mobilization of the workforce
 Virtualization of services / SOA
 Compliance
 Employees increasingly utilize
network services – productive and
unproductive
 Outsourcing growth
 Gaining competitive advantage
 High speed and available information
sharing is critical
 Increases in bandwidth and volume of
traffic
3
3
Organizations are continually adapting to their competitive
environment and ongoing technology trends
For SonicWALL Partner Use All Rights Reserved
New Challenges To Solve
 Threats Are Increasing
 Web 2.0 & SaaS
 Impacts to servers, users & networks
 Threats go invisible
 Poor Application Visibility
 Abundance of unknown
application use
 Ports are ineffective at blocking
application use
 Network misuse is rampant
4
 Increased Performance Demands
 Bandwidth efficiency is a top concern,
increasing security slows performance
 Admins don’t want the trade-off
between security and performance
For SonicWALL Partner Use All Rights Reserved
Current Solutions Present Challenges
Threats
Current
Required
Application Access
3
Application Layer Threats
Proxy
Software Vulnerabilities
2
Worms
IDS/IDP
Basic Applications
Legacy System Access
Complete
Inspection must
span the
communication
spectrum
1
Traditional Firewall
 Network safeguards are changing with threats; As threats move up the
OSI model, inspection must be more complete and scalable
 Application visibility is paramount to overcome the next generation of
threats and productivity issues
 Siloed solutions are the current response due to performance but
multi-layered protection is the future
5
For SonicWALL Partner Use All Rights Reserved
Next-Generation Security Requirements
What Is the Ideal Solution for Next-Generation Protection?
Solutions
Threats
Application Access
Application Layer Threats
App Layer
Software Vulnerabilities
Real-time Prot.
IDP/IPS/File
Worms
Basic Applications
Content Filter
DPI Firewall
Legacy System Access
Multi-Tiered Protection

Consolidated & Integrated Security Technology
 Covering a Wide Spectrum of Content-based, File-based & Application Layer
Attacks

Application Visibility
 Inspection of Real-time & Latency Sensitive Applications/Traffic

Scalable & High Performing
 High-Speed Protection Against Perimeter and Internal Network Challenges
6
For SonicWALL Partner Use All Rights Reserved
Introducing the NSA 2400MX
Introducing the NSA 2400MX
NSA 2400MX
 MSRP: $2,995
 SonicOS 5.7
 Key Features:
2+8 GbE Interfaces
16 FE Interfaces
Dual Expansion Slots (Future Use)
8
For SonicWALL Partner Use All Rights Reserved
 (8+2) GbE + 16 FE Interfaces, 2 USB, 1
Console
 Dual Expansion slots (Back)
 USB 3G/Analog Modem Failover
 Optional Stateful HA
 Advanced Switching
 Multi-WAN
 GAV/IPS/Anti-Spyware/Application
Intelligence
 Comprehensive Anti-Spam Service
 Expandable Wireless with SonicPoint-N
Dual-Band
 Integrated SSL VPN
 Virtual Assist/Access
Next-Generation Protection
Typical Protection
x Unprotected - 70% of traffic is not scanned
properly or at all
SonicWALL Solution
 Protected – 100% traffic scanning including
unlimited file sizes - Truly scalable UTM
x Slow Access - No method of distinguishing
business vs. non-business traffic
x Mystery Traffic - 25-35% Unknown
Application Use
x Limited Control - Uncontrolled Web access,
not tied to users; Non-business activity
overwhelms bandwidth; No end point
protection strategy
 Best-in-class Performance – Optimize the
network by distinguishing business vs. nonbusiness traffic; deploy gigabit networking
 Uncover App Usage – Identify unknown
application use with the Application Intelligence
feature set
 Ultimate Control – Control Web and application
access, from network to the end point
 Flexibility & Redundancy – Failover and high
availability options for the ultimate in business
continuity
 Increased Port Density/Switching – Provides
26 ports with advanced switching features for
internal connectivity
Office
Network
9
For SonicWALL Partner Use All Rights Reserved
Application Intelligence and Control
 Traditional Firewalls can only determine port and protocol
 SonicWALL’s Patented RFDPI Technology provides Application
Classification and Inspection offering 1,100+ pre-defined applications
 Control, Block or bandwidth limit what applications are used on a per
user basis
Non-Business Related
Business Related
Permit Business Related Applications
HTTP
Corporate Network
Internet
TCP
10
IM
Email
For SonicWALL Partner Use All Rights Reserved
Block or Bandwidth limit
Non-Business Related Applications
Next-Generation NSA Architecture
2010 Security
Requirements
1.
SonicWALL
Solution Features
Consolidated & Integrated Security
Technology
Multi-Tiered Protection Technology
2.
Application Visibility - Inspection of
Real-time & Latency Sensitive
Applications/Traffic
Patented Re-Assembly Free DPI (RFDPI)
3.
Scalable & High Performing
Enough to Protect Against
Perimeter and Internal Network
Challenges
Multi-Core High Performance Architecture
11
For SonicWALL Partner Use All Rights Reserved
NSA 2400MX Features
Application Intelligence
Intrusion Prevention
Anti-Malware
Content Filtering
SSL and IPSec VPN
 Multi-Function Security Integration
 Complete Threat Protection with IPS & AntiMalware/Virus/Spyware
 Content Control & Filtering
 Application Visibility
 Integrated Application Intelligence
 Bandwidth Management, Application Lists
 Ultimate Connectivity
Bandwidth Management
Anti-Spam
Wireless Management
Enforced Client Anti-Virus
Advanced Switching
12
For SonicWALL Partner Use All Rights Reserved
 “Clean VPN” Secure IPSec VPN
 SSL VPN Clients with Windows, MAC & Linux
 Exceptional User Policy Control
 Integrated Wireless Switch
 Switching Features
 Increased port density (8+2 GbE, 16 FE)
 VLAN Trunking, Link Aggregation, Layer 2 Discover
NSA 2400MX Compare Models Chart
13
NSA 240
NSA 2400
NSA 2400MX
NSA 3500
Interfaces
3 GbE, 6 FE, PC Card
Slot, 2 USB
6 GbE
8+2 GbE, 16 FE, 2
USB, 2 Module Slots
6 GbE, 2 USB
Stateful Throughput
600 Mbps
775 Mbps
775 Mbps
1.5 Gbps
IPS Throughput
195 Mbps
275 Mbps
275 Mbps
750 Mbps
GAV Throughput
115 Mbps
160 Mbps
160 Mbps
350 Mbps
UTM Throughput
110 Mbps
150 Mbps
150 Mbps
240 Mbps
IMIX Throughput
195 Mbps
235 Mbps
235 Mbps
580 Mbps
MAX UTM
Connections
32,000/50,000
125,000
125,000
175,000
Site-to-Site VPN
25/50
75
75
800
GVC Bundled/Max
2/25
10/250
10/250
50/1,000
SSL VPN
Bundled/Max
2/15
2/25
2/25
2/30
Virtual Assist
Bundled/Max
30-Day Trial/5
1/5
1/5
2/10
For SonicWALL Partner Use All Rights Reserved
NSA Lineup Including the NSA 2400MX
New
NSA E5500
NSA 4500
NSA 3500
NSA 2400
NSA 240
01-SSC-7020
01-SSC-8760
2-Core CPU
2-Core CPU
256 MB RAM
256 MB RAM
6 GbE Interfaces
3 GbE, 6 FE
Customer:
Customer:
Small
Organizations
Small
Organizations
Key Upsell:
Key Upsell:
 Provides
scalable
deployment
options for midsize networks
 Provides
scalable
deployment
options for midsize networks
 3 GbE, 6 FE,
PortShield
 WWAN
(3G/Modem)
100 Mbps UTM
14
NSA 2400MX
01-SSC-7016
01-SSC-7100
4-Core CPU
2-Core CPU
512 MB RAM
256 MB RAM
6 GbE Interfaces
8-Core CPU
E-Class Support 24x7
SKU: 01-SSC-7260
512 MB RAM
6 GbE Interfaces
2+8 GbE, 16 FE,
Dual Expansion
Slots
8-Core CPU
1 GB RAM
8 GbE Interfaces
Customer:
Customer:
Customer:
Branch Office
Small
Organizations/
Branch Offices
Branch Office
Customer:
Key Upsell:
Key Upsell:
Large Enterprise
• 4-Core design
provides a 60%
increase in threat
prevention
performance
 8-Core design
provides a 150%
increase in threat
prevention
performance
Key Upsell:
 Gigabit level
firewall
performance
 Includes
Stateful High
Availability for
increased
network reliability
Key Upsell:
 6 10/100/1000
interfaces for
Multi-WAN
failover, LAN and
DMZ
01-SSC-7012
SKU: 01-SSC-7008
 Increased port
density (16 FE,
2+8 GbE
Interfaces)
 Advanced
switching (Port
Bonding, VLAN
Trunking, Layer 2
QoS)
 Future Modular
Expansion
150 Mbps UTM
For SonicWALL Partner Use All Rights Reserved
 Increase in
Application
Intelligence
policies
 Increase in VPN
performance
 8 10/100/1000
interfaces for highspeed connectivity to
WAN, LAN and DMZ
networks
 Dedicated interface
for Stateful High
Availability
 LCD information
center
 Advanced 24x7
support
400 Mbps UTM
750 Mbps UTM
NSA 2400MX Offers the Following
Over the PRO 1260
■
■
■
■
■
■
(2+8) GbE Ethernet Interfaces with Future Modular Expansion
Advanced Switching Features
Application Intelligences and Control
Greater UTM Performance
Optional Stateful High Availability
SSL-VPN for Remote Access
NSA 2400MX
PRO 1260
8+2 GbE, 16 FE, 2 USB, 2 Module
Slots
27 FE
UTM Performance
150 Mbps
5 Mbps
UTM Connections
125,000
6,000
Application Intelligence and Control
Yes
N/A
Modular Expansion (Future)
Yes
N/A
Advanced Switching Features
Yes
N/A
Stateful High Availability
Yes
N/A
SSL-VPN
Yes
N/A
Interfaces
15
For SonicWALL Partner Use All Rights Reserved
Target Customers for the NSA
2400MX
 Current customers looking to upgrade their PRO 1260
Appliances
 Customers with Security and Switch Requirements
 Port Density
 VLAN Trunking, Link Aggregation, Port Security
 Customers looking for Application Intelligences and Control
16
For SonicWALL Partner Use All Rights Reserved
Qualifying Questions
 Does your customer have a requirement for increased portdensity?
 Does your customer have a requirement to decrease the
number of devices on their internal network?
 Does your customer have a requirement for increased
security across multiple switch ports?
 Does the customer have a need for additional switching
features on their network security appliance?
17
For SonicWALL Partner Use All Rights Reserved
Introducing SonicOS 5.7
 Advanced Switching
 TSA/Citrix Authentication
 Integrated Load Balancing
 Application Bandwidth
Management
 Single Sign-On
 Route-based VPN
 Fully Dynamic GUI
 And more…
SonicOS 5.7 Redefines Deployment & Management
Simplicity and Functionality
18
For SonicWALL Partner Use All Rights Reserved
“New” in SonicOS 5.7
Switching features available on the NSA 2400MX
 VLAN Trunking
 Layer 2 Discovery
 Link Aggregation
 Port Security
 Layer 2 QoS
 Rate Control
 Rapid Spanning Tree
 Port Mirroring
19
For SonicWALL Partner Use All Rights Reserved
VLAN Trunking
 Provides the ability to “Trunk” different VLANs between multiple
switches
 Customer Advantage: Simplifies VLAN management and configuration
by reducing the need to configure VLAN information on every switch
20
For SonicWALL Partner Use All Rights Reserved
Layer 2 Discovery
 Uses IEEE 802.1AB (LLDP)/Microsoft LLTD protocols and switch
forwarding table to discover devices visible from a port
 Customer Advantage: Provides Layer 2 network information for all
devices attached to the NSA 2400MX
21
For SonicWALL Partner Use All Rights Reserved
Link Aggregation
 Aggregate ports to increase performance and redundancy
 Customer Advantage: Can increase performance and port redundancy
when connected to a switch/server that supports aggregation
22
For SonicWALL Partner Use All Rights Reserved
Port Security
Provides the ability to bind
MAC Address/Addresses to
a specific port interface
 Customer Advantage: Allows administrators to bind trusted MAC
address/addresses to a specific port to decrease unauthorized
access on that port
23
For SonicWALL Partner Use All Rights Reserved
SonicWALL Services
24
For SonicWALL Partner Use All Rights Reserved
Gateway Anti-Virus, Anti-Spyware, IPS
Intelligent, Real-time Network Security Protection
Gateway AV, Anti-Spyware and Intrusion Prevention:
 Delivers real-time gateway scanning for viruses,
worms, Trojans and more
 Blocks installation of malicious spyware at gateway
 Protects against network-based application layer
threats by scanning for software vulnerabilities such
as buffer overflows and back-door exploits
 Application Intelligence* provides bandwidth
management, application level access and data
leakage controls
 Utilizes dynamically updated database containing
thousands of threat signatures
*Available on TZ 210, NSA and E-Class NSA Series appliances
Did You Know?
SonicWALL’s solution is unique in its ability to handle unlimited file sizes
and virtually hundreds of thousands of concurrent downloads
25
For SonicWALL Partner Use All Rights Reserved
Content Filtering
Unequalled Content Filtering Enforcement
Content Filtering Service (CFS):
 Blocks inappropriate and illegal content, reduces
organizational liability and increases productivity
 Allows granular level blocking based on pre-defined
categories
 Utilizes a vast ratings database of ~16M million
Web site entries
 Apply access or denial policies on up to 56
categories by individual or group identity, or by time
of day with CFS Premium Edition
Did You Know?
To receive eRate funding you are required by law to install a content
filtering solution in compliance with the Children’s Internet Protection Act
26
For SonicWALL Partner Use All Rights Reserved
Reporting and Graphs
Instant Visibility Into Your Network
ViewPoint:
 Allows for early security protection
 Understand and respond to malicious activities
 Delivers insight into firewall activity
 Understand and control the use of Internet activities
 Reduces productivity losses
 Understand user behavior; identify bandwidthintensive activities
 Controls costs by enabling more efficient
bandwidth utilization
 Understand bandwidth usage; anticipate future needs
Did You Know?
ViewPoint enables you to create on-demand and scheduled reports that
can be exported in a variety of formats for distribution
27
For SonicWALL Partner Use All Rights Reserved
Combined Package
Complete Network Security in One Package
Comprehensive Gateway Security Suite:
 Combines Gateway Anti-Virus, Anti-Spyware, Intrusion
Prevention, Application Intelligence*, Content Filtering,
24x7 Support and ViewPoint reporting in one solution
 Keeps your network safe from viruses, spyware, worms,
Trojans and more
 Turns your SonicWALL firewall into a Unified Threat
Management solution
 Automatic signature updates stop attacks before they can
enter your network, ensuring around the-clock protection
* Available on TZ 210, NSA and E-Class NSA Series appliances
Did You Know?
SonicWALL CGSS saves you up to 75% off the
cost of purchasing the services individually
28
For SonicWALL Partner Use All Rights Reserved
Enforced Client Protection
Automated and Enforced Client AV Protection
Client/Server Anti-Virus Suite:
 Delivers gateway-enforced, layered virus and
spyware protection for desktops and laptops and
comprehensive virus protection for servers
 Provides automated signature updates, eliminating
machine-by-machine deployment
 Ensures all computers accessing the network have
the latest software installed, updated and active
 Centralized desktop firewall blocks unwanted
Internet access to or from the computer
Did You Know?
Client/Server Anti-Virus Suite allows you to create on-demand and
scheduled Web-based reports that give you a real-time view of your
network, anti-virus and anti-spyware environment
29
For SonicWALL Partner Use All Rights Reserved
VPN Clients
Secure Remote Access to Network Resources
Global VPN Client and SSL VPN for UTM:
 Provide two easy-to-use, easy-to-manage options
for secure remote access to network resources
such as files, applications and email
 Utilize SonicWALL Clean VPN technology to scan
and clean incoming traffic
 Allow you to add user licenses quickly and easily as
your network grows
 SSL VPN for UTM utilizes SonicWALL NetExtender
technology on Windows, Mac and Linux PCs
Did You Know?
SonicWALL TZ 200/210, NSA and E-Class NSA firewalls
include Global VPN Client & SSL VPN user licenses for
secure remote access from any location
30
For SonicWALL Partner Use All Rights Reserved
Email Protection
Remove junk email before it enters your network
Comprehensive Anti-Spam Service (CASS)
 Easy to activate – Activates with one click,
requires minutes to configure.
 Works immediately – once activated the service
will immediately start to block spam, phishing
and virus-laden email.
 Saves bandwidth – Blocks and rejects junk email
at the gateway, before it enters your network.
 Saves time – The TZ or NSA network security
appliance is your single point of management for
all traffic going through the device, including
spam.
Did You Know?
Spam, phishing and virus-laden email makes up over 90% the
email traffic an organization receives each day
31
For SonicWALL Partner Use All Rights Reserved
Maximize Your Investment
SonicWALL Global Support Services Make a Difference!
Global Support Services:
 Only through an active support agreement can
you get:
 Access to the latest features and firmware releases
 24x7x365 technical support if there’s ever a problem
 Advance Exchange hardware replacement in the
event of failure
 Support is available as a stand-alone contract or
as part of a software or hardware bundle
Did You Know?
SonicWALL is a two-time SSPA STAR award finalist for
“Service Excellence in Emerging Business Support”
Next Generation Protection, Today
 High-performance, scalable UTM security
 Multi-core architecture for increased performance
 Application Intelligence and Control
 IPS, GAV and Anti-Malware inspection
 Flexible and redundant connectivity
 Multi-WAN Failover and Load Balancing
 Optional Stateful High Availability
 Increased port density and advanced switching feature set
 26 interfaces
 VLAN Trunking, Link Aggregation, Layer 2 Discovery
NSA 2400MX Hardware/Support
NSA 2400MX Hardware and HA
NSA 2400MX
01-SSC-7100
NSA 2400MX TotalSecure 1 Year
01-SSC-8854
NSA 2400MX High Availability Unit
01-SSC-8855
SonicWALL Stateful HA Upgrade for NSA 2400 Series
01-SSC-7095
Support Services
SonicWALL Dynamic Support 8 X 5 for 2400 Series 1YR
SonicWALL Dynamic Support 8 X 5 for 2400 Series 2YR
SonicWALL Dynamic Support 8 X 5 for 2400 Series 3YR
SonicWALL Dynamic Support 24 X 7 for 2400 Series 1YR
SonicWALL Dynamic Support 24 X 7 for 2400 Series 2YR
SonicWALL Dynamic Support 24 X 7 for 2400 Series 3YR
SonicWALL Software and Firmware Updates for 2400 Series 1YR
SonicWALL Software and Firmware Updates for 2400 Series 2YR
SonicWALL Software and Firmware Updates for 2400 Series 3YR
34
SKU
For SonicWALL Partner Use All Rights Reserved
SKU
01-SSC-7245
01-SSC-7246
01-SSC-7247
01-SSC-7248
01-SSC-7249
01-SSC-7250
01-SSC-7251
01-SSC-7252
01-SSC-7253
NSA 2400MX Security Services
Security Service
SKU
GAV/IPS/Anti-Spyware/ Application Intelligence Service
Gateway Anti-Virus and IPS for NSA 2400 Series 1YR
Gateway Anti-Virus and IPS for NSA 2400 Series 2YR
Gateway Anti-Virus and IPS for NSA 2400 Series 3YR
01-SSC-6135
01-SSC-6142
01-SSC-6158
Content Filtering Premium Service
Premium Content Filtering Service for NSA 2400 Series 1YR
Premium Content Filtering Service for NSA 2400 Series 2YR
Premium Content Filtering Service for NSA 2400 Series 3YR
01-SSC-7334
01-SSC-7341
01-SSC-7348
Comprehensive Gateway Security Suite
Comprehensive Gateway Security Suite for NSA 2400 Series 1YR
Comprehensive Gateway Security Suite for NSA 2400 Series 2YR
Comprehensive Gateway Security Suite for NSA 2400 Series 3YR
35
For SonicWALL Partner Use All Rights Reserved
01-SSC-9225
01-SSC-9232
01-SSC-9239
Question/Answer
Thank You