SonicWALL Protects
Download
Report
Transcript SonicWALL Protects
It’s A New World
The Business Impact
Most of your network traffic will be coming from outside the private network you are
trying to secure
2001: Network Perimeter
2008: Resource Perimeter
Customer or
Supplier
Behind a
Firewall
VOIP Users
Internal
Users
Corporate Data
Centers
Traveling
Executives
Employee
at a Kiosk
Employee Using
a Wireless
Hotspot
External Users
Customers or
Suppliers
Remote Access
2
CONFIDENTIAL All Rights Reserved
Corporate Data
Centers
Day
Extenders
Employee
PDA User
Fundamental Changes
in Technology
Ubiquity of broadband
Proliferation of mobile devices
Rise in IP telephony
Increased teleworking
3
CONFIDENTIAL All Rights Reserved
Enterprise-class Networking
Drivers & Trends
Business Drivers
Technology Trends
Growth in real-time applications
Reduction in operating costs
SaaS / Web 2.0
Focus on TCO
Virtualization of services
Mobilization of the workforce
Data Center consolidation
Compliance
Outsourcing growth
Gaining competitive advantage
Infrastructure Demands
Growth in bandwidth; thirst for
unimpeded traffic routing
Integration concerns
Handling latency sensitive traffic
becomes challenging – voip, collab.
De-perimeterization
4
4
The Communications Landscape Is Rapidly Evolving
CONFIDENTIAL All Rights Reserved
Your Users are Increasingly Out
of Your Control
Day
Extenders
Kiosks/Public
Machine Users
Home Office
Users
Traveling
Executives
Users
Devices
Network environments
Mobility
Remote access
Business
Partners/
Extranet Users
Wireless LAN
Users
VOIP Users
Network
Applications
and Resources
5
CONFIDENTIAL All Rights Reserved
PDA & Smart
Phone Users
Internal Users
External Users
Current Solutions Present Challenges
Solutions
Traffic
Application Access
3
Application Layer Threats
Proxy
Software Vulnerabilities
2
Worms
IDS/IDP
Basic Applications
Legacy System Access
1
Traditional Firewall
6
Lack of integration and correlation between solutions increases
management overhead, complexity and cost
Lowered performance and higher false positive rate; inability to
handle real-time traffic increases risk
Policy focuses on blocking ports rather than widespread
inspection of applications and application threats
CONFIDENTIAL All Rights Reserved
SonicWALL Solution Suite
Business Continuity
Content Security
Continous Data Protection
Email Security & CSM
Secure Wireless
Global Management
Remote Access
SonicPoint
GlobalManagementSystem
SSL-VPN
Network Security
7
CONFIDENTIAL All Rights Reserved
worldwide customer
more than 1 million appliances
8
CONFIDENTIAL All Rights Reserved
Enterprise-Products: SonicWALL E-Class
Network Security Appliance E5500
Network Security Appliance E6500
Network Security Appliance E7500
SonicWALL Aventail EX -750
SonicWALL Aventail EX-1600
SonicWALL Aventail EX-2500
Email Security ES 6000
Email Security ES 8000
GMS (Global Management System)
9
CONFIDENTIAL All Rights Reserved
SonicWALL NSA E-Class Series
E7500
E6500
E5500
Enterprise-class Deep Packet
Inspection and Application Firewall
Revolutionary Multi-Core
Performance
Threat Protection over both External
RTDPI
RTDPI Engine
Engine Architecture
Architecture
and Internal Networks
+
+
Unified Threat Protection
Re-Assembly Free Design
Integrated Business Continuity & High
Multi-Core
Availability Features
The SonicWALL® Network Security Appliance (NSA) Series - the first multicore Unified Threat Management (UTM) platform that delivers enterpriseclass deep packet inspection without compromising performance
10
CONFIDENTIAL All Rights Reserved
Next Generation E-Class Architecture
Enterprise-class
Requirements
1.
SonicWALL
Solution
Consolidated & Integrated
Security Technology
Multi-Tiered Protection Technology
2.
Inspection of Real-time &
Latency Sensitive
Applications/Traffic
Patented Re-Assembly Free Inspection
3.
11
Scalable & High Performing
Enough to Protect Against
Perimeter and Internal Network
Challenges
CONFIDENTIAL All Rights Reserved
Multi-Core High Perf. Architecture
E-Class Features/Benefits
1. Security Integration
2. Ultimate Connectivity
Complete UTM Protection with Gateway
Anti-Virus, Anti-Spyware and IDP
Next Generation Application Firewall
Content & Application Filtering
“Clean VPN” Protection
Secure IPSec Site-to-Site VPN
Connectivity
Exceptional User Policy Control and
Access to Resources
Wireless Mobility
Network Availability
3. Reliability & Optimization
4. Flexible Deployments
Highly Redundant Hardware – Power/Fans
One Point of Network Control
Business Application Prioritization & QoS
Integrated Server Load Balancing Feature-set
12
CONFIDENTIAL All Rights Reserved
Data Center, Campus & Department
Network Applications
Transparent L2 Bridge Mode
Integrated Wireless Switch Deployment
Ease of Deployment & Management
NSA E-Class Series Overview
The NSA E Class is offered at three price points
NSA E7500
NSA E7500
The Ultimate in UTM, FW and VPN performance
5GB FW / 1GB UTM / 1.2 GB IPS
CPU: 16 Core 600Mhz – 9.6 Ghz of Processing Power
Interfaces: 4 Gig auto-sensing copper; 4 Gig SFP
Features: Information Center; Dual Power Supplies; Dual Redundant Fans
NSA E6500
NSA E6500
Best in Class UTM, FW and VPN performance
3GB FW / 750Mbps UTM / 850Mbps IPS
CPU: 16 Core 550Mhz – 8.8 Ghz of Processing Power
Interfaces: 8 Gig auto-sensing copper
Features: Information Center: Dual Redundant Fans
NSA E5500
NSA E5500
13
CONFIDENTIAL All Rights Reserved
Mid-Enterprise Performance & Value
2 GB FW / 400Mbps UTM / 550Mbps IPS
CPU: 8 Core 550Mhz – 4.4 Ghz of Processing Power
Interfaces: 8 Gig auto-sensing copper
Features: Information Center; Dual Redundant Fans
NSA Feature: Application Visibility
Traditional Firewalls can only determine port and protocol
Control, Block or bandwidth limit what applications are used on a per
user basis
SonicWALL’s Patented RFDPI Technology provides Application
Classification and Inspection
Non-Business Related
Business Related
Permit Business Related
HTTP
Corporate Network
IM
Internet
TCP
Email
Block or Bandwidth limit
SonicWALL Deep Intelligence
Network Visibility
Deep Intelligence
Bandwidth
Intelligence
VPN
Reporting
Employee
Net Usage
Threat
Information
Top VPN
Users
Application
Usage
Bandwidth
Misuse
Pro-Active Alerting
Alert Your Staff
SonicWALL
UTM Appliance
IT Actionable Info
No Intelligence
VPN
Threats
Protocols
Attacks
End User Activities
HTTP
FTP
IM/P2P
Mail
Network Traffic
Potential Threats
SonicWALL UTM & ViewPoint Delivers Deeper Business Intelligence
15
CONFIDENTIAL All Rights Reserved
Best-of-Breed Performance
“This box offers 1.3Gbps of UTM performance, which
is nearly triple the speed of the fastest product in our
comparative UTM test last November “
“Overall, the E7500 provides a dramatic boost in speed
that makes UTM possible in enterprises needing
gigabit speeds.”
Joel Snyder
SonicWALL’s Performance Advantage
Patented Re-Assemble Free Deep Packet Inspection
Engine (RFDPI)
Multi-core architecture offers parallel processing for
increased scalability
On-chip security co-processing and hardware acceleration
**Competitive data obtained from vendor datasheet.
SonicWALL Email Security
IT Security Concerns
Top 5: Virus, Spyware, SPAM, Intrusion & Theft
18
CONFIDENTIAL All Rights Reserved
Spam
Many messages are obviously spam
19
CONFIDENTIAL All Rights Reserved
Is it Spam?
Other messages will be disagreed upon
20
CONFIDENTIAL All Rights Reserved
Phishing
Some emails are easy to determine as phish
21
CONFIDENTIAL All Rights Reserved
Phishing?
Sometimes it is hard to tell
22
CONFIDENTIAL All Rights Reserved
Outbound Risks and Compliance
•U.S. Federal: HIPAA, GLBA, SOX, Sec 17a-4, NASD3010, PATRIOT Act Section 326
•European: Safe Harbor, EU Data Protection Directive 95/46
•Organization: VISA CISP, MasterCard Site Data Protection Program, FERPA
•State: CA SB 1386 & AB 1950 / NY Bill A04254 / IL H.B. 1633
•Corporate: Prevent offensive language, add disclaimers, block files
•Many more…
All organizations need to be address compliance requirements
23
CONFIDENTIAL All Rights Reserved
Inbound and Outbound Threats
Threats Require Inbound and Outbound Protection
24
CONFIDENTIAL All Rights Reserved
Proliferation of Systems
Typical Mail Data Center
Management of Multiple Systems Becomes Complex
25
CONFIDENTIAL All Rights Reserved
Collect Worldwide Threat Data
26
CONFIDENTIAL All Rights Reserved
Analyze for Bad/Good Email Patterns
Bad Pattern
Good Pattern
50 people
40 million emails
… in 6 different countries
… sent by [email protected]
… receive a new attachment
… from 3 IP addresses
…that has never been seen before
… in Seattle
… within 30 minutes
… and never junked
Likely Virus
27
CONFIDENTIAL All Rights Reserved
Good Email
Cross Analyze Patterns with
Content Evaluation and Reputation
SonicWALL Determines a Definitive Judgment – Not Just a Score
28
CONFIDENTIAL All Rights Reserved
SonicWALL Email Security Stops
Today’s and Tomorrow’s Threats
Threats Evolve – SonicWALL Protects
29
CONFIDENTIAL All Rights Reserved
SonicWALL Email Security
Anti-Spam, Anti-Phishing, Anti-Virus
Compliance and Policy Management
Appliance and Software options
Works with any email system (SMTP)
Unified inbound and outbound protection
Installs in < 1 Hour…managed in < 10 minutes/week
For businesses from Less than 50 users to Over 5000 Users
30
CONFIDENTIAL All Rights Reserved
Quick Configuration
31
CONFIDENTIAL All Rights Reserved
5 Steps to Configure
Full install in < 1 hour
High availability options
Anti-Spam, Anti-Phishing, Anti-Virus
Complete protection
Inbound/Outbound
Spam, Virus, Phishing
Zombies, DHA, DoS
Automatic updates
No rules to write
Complete flexibility
Per-user and per-group
32
CONFIDENTIAL All Rights Reserved
Administrative and End-User Junk Box
Web-based Junk Box
Search, sort, preview
View all threats
1-click UnJunk
Retrieves
Adds to allowed list
Provides feedback
Administrative, End-User
33
CONFIDENTIAL All Rights Reserved
Junk Box Summary
Easy quarantine view
Email summary
Configurable
34
CONFIDENTIAL All Rights Reserved
Frequency
Specific time and day
11 languages
All or just questionable
Preview and UnJunk
1-click
Email Policy & Compliance Approach
Robust tools to Identify, Monitor, and Enforce
35
CONFIDENTIAL All Rights Reserved
Policy and Compliance Management
Powerful filters
36
CONFIDENTIAL All Rights Reserved
Search any message part
Scan within attachments
Check for disguised text
Match against dictionaries
Judgment-based policies
15 action options
Bounce, quarantine, log
Add disclaimers
Strip attachments
Etc.
Apply to specific groups
LDAP-based
Email Auditing
Full email audit
All good mail
All bad mail
Inbound
Outbound
Searchable
From, To, Subject
Today or multi-day
Detailed information
Per-recipient data
Full audit trail
37
CONFIDENTIAL All Rights Reserved
Reporting and Monitoring
25+ Web-based reports
Dashboard, System Status
Spam, Phishing, Virus
Policy and Compliance
Return-on-Investment
Custom reports
Emailed reports
Schedulable reports
38
CONFIDENTIAL All Rights Reserved
Instant Deployment
39
CONFIDENTIAL All Rights Reserved
High Availability Deployment
40
CONFIDENTIAL All Rights Reserved
Thank you.
www.sonicwall.com