dell presentation template standard 4:3 layout overview and ge… · file transfers, sharing ftp,...

Dell SonicWALL Next Generation Firewall(Gen6) and

Integrated Solution

Colin Wu / 吳炳東

[email protected]

2 SonicWALL Confidential

Agenda

• Company Overview

• Dell SonicWALL Product Line-Up

• Architecture

• Firewall security services

• Add-on products – Wireless – WAN optimization – GMS – Analyzer – Scrutinizer – SSO

• Deployment Scenarios


Company Overview


Dell SonicWALL’s legacy

1991 1996 2005 2007 2010 2011 2012

Founded

Became leading

provider of subscription services on optimized appliances

Became the leader in unit

share for Unified Threat Management

Firewall appliances

Shipped one million

appliances worldwide

Named to Visionaries Quadrant,

Gartner Magic Quadrant for

SSL VPN

Thoma Bravo and SonicWall entered into a partnership

Positioned as “Leader” in

Gartner UTM Magic Quadrant

Positioned as “Visionary” in

Gartner SSL VPN Magic Quadrant

Announced SuperMassive™

E10000 Series

SNWL Earns NNS Labs

Recommended Rating for

NGFW SVM

Shipped two million

appliances worldwide

5/9: Joined the Dell family


Dell SonicWALL – Taiwan

• Contact Info

– $ relevant Jovi Chen 0911-884-831 [email protected]

Grace Kuo 0920-407-377 [email protected]

– Tech relevant Colin Wu 0937-559-460 [email protected]

[email protected]

mailto:[email protected]





Dell SonicWALL Product Line-Up


Dell SonicWALL Product Line-Up Network security

App Intell & Control

GAV/ASW/ IPS

CASS Enforced Anti-Virus

Content Filtering

Global VPN Client

SSL VPN Client

Virtual Assist

GMS Analyzer Scrutinizer

Mobile Connect

WAN acceleration

Policy & management

Secure Virtual Access

Web App Firewall

Connect Mobile

Spike Access

Secure Virtual Assist

Advanced Reporting

Native Access Modules

Mobile Connect

EPC

Secure remote access

Secure Virtual Meeting

SonicPoint-ACi / ACe / N2


Dell SonicWALL Next-Gen Firewalls & Unified Threat Management firewalls

SuperMassive E10000 Series

Data centers, ISPs

E-Class NSA Series

Medium to large organizations

NSA Series

Branch offices and medium sized organizations

TZ Series

Small and remote offices

E10200 E10400 E10800

NSA E8500 NSA E6500 NSA E5500 NSA E8510

NSA 4500 NSA 3500 NSA 2400

NSA 250M

NSA 220

TZ 205 TZ 105 TZ 215


Dell SonicWALL Next-Gen Firewalls & Unified Threat Management firewalls

SuperMassive E10000 Series

Data centers, ISPs

E-Class NSA Series

Medium to large organizations

NSA Series

Branch offices and medium sized organizations

TZ Series

Small and remote offices

E10400 E10800

NSA 220

NSA 250M

NSA 4600

NSA 5600 NSA 6600

NSA 3600 NSA 2600

E9800/ 9600/9400/9200

TZ300/400/500 SOHO TZ600


Dell SonicWALL NGFW Lineup

SuperMassive E10800 SuperMassive E10400 SuperMassive E10200

Supermassive 9800 Supermassive 9600 SuperMassive 9400 SuperMassive 9200

SMB/Campus/Branch

Enterprise, Data Center Dell SonicWALL SuperMassive Series

SOHO TZ300 / TZ 400 TZ500 / TZ 600

Dell SonicWALL TZ Series

Dell SonicWALL NSA Series

Dell SonicWALL New NSA Series

NSA3600 NSA4600 NSA5600 NSA6600

NSA220 NSA250M NSA6400


Architecture


The SonicWALL design principles for high performance Scan Everything – Every bit, every protocol, every user & application

SonicWALL solution features

Scalable & high performing enough

to protect against perimeter and

internal network challenges

Multi-tiered protection technology

Security requirements

Re-Assembly Free DPI (RFDPI)

Multi-core high performance architecture

Consolidated & integrated security

technology

Application Visibility - Inspection of

Real-time & latency sensitive

applications/traffic


Highly Efficient Single-Pass RFDPI Security Engine Proven & Proprietary Reassembly Free Deep Packet Inspection

Preprocessors

Postprocessors

TCP Reassemb

ly

Policy Decision

API

Deep Packet Inspection Engine

(Anti-Malware, IPS, Application)

Pattern Definition Language Interpreter

Signature

Signature Input

Packet Output Packet

NGFW Integrated Architecture:

Low-Latency Ultra-Scalable Single Pass Deep Packet Inspection Engine

Traditional

Firewall with modules

Linearly Scalable on a Massively Multi-Core Architecture

96 Cores 1 Core


NGFW Orientation –Reassembly Free Deep Packet Inspection

A ?

T

M

?

T ?

Y

A ?

E

C ?

I

K

H

A

P

N

N

M

Z

I

D

M

E

E

C

A

E

N

D

A

N

N

T

L

T

T

DROP


Differentiator RFDPI

RFDPI Engine

IPS SSL

Decryption

Threat Prevention

Content & URL

Filtering

Application Visualization

Application Control


Firewall security services


Firewall Security Services

Intrusion Prevention Protects against a comprehensive array of network-based threats and vulnerabilities

Intelligence, Control and Visualization

Content Filtering Service Blocks inappropriate, illegal and dangerous Web content

Real-time gateway anti-virus scanning and dynamic spyware protection

Granular control & real-time visualization of applications running on your network for maximum security & productivity

Gateway Anti-Virus and Anti-Spyware

17

Comprehensive Anti-Spam Service

Stops spam, phishing & malware at the gateway

Enforced Client Anti-Virus & Anti-Spyware

Automated client anti-virus and anti-spyware deployment and management

UTM SSL VPN Secure access to resources on the corporate network for remote and mobile employees


Gateway Anti-Virus and Anti-Spyware

SMTP, POP3

File transfers, sharing

FTP, IMAP, HTTP etc

IM & P2P

Scans & Blocks installation of malicious

spyware and disrupts background

communications from existing spyware programs that transmit confidential data All protocols across every port, including SSL

traffic with DPI SSL.

30M+ signatures detecting millions

of pieces of malware and intelligent enough to detect

new variants providing effective zero-day

protection

Unlimited Dell SonicWALL

Reassembly-Free Deep Packet Inspection engine

scans analyzes all files in real time—regardless of file size

or compression.

19,000+ anti-virus Local signatures

3,300+ antispyware Local signatures

30,732,000+ signatures available on the cloud AV Database


Comprehensive • Botnet command & control traffic detection & blocking •DoS / Flood detection • Protocol abuse / anomaly based detection • Geographical IP monitoring & blocking • Data normalization to prevent evasion • SSL traffic decryption & inspection?

Intrusion Prevention

(1) IDC's Worldwide Mobile Worker Population 2009-2013 Forecast (2) Cisco Connected World Technology Report, 2011

5,000+ IPS Local signatures Scan & Block software vulnerabilities

such as buffer overflows, peer-to-peer and instant

messaging exploits, backdoor attacks, and

other malware.


Application Intelligence, Control and Visualization

Identify 3700+application signatures

By Application

• Not by Port & Protocol

By User/Group – LDAP/SSO

• Not by IP

By Content Inspection

• Not by Filename

Categorize • By Application • By Application Category • By Destination • By Content • By User/Group

Control • Prioritize Apps by Policy • Manage Apps by Policy • Block Apps by Policy • Detect and Block Malware • Detect & Prevent Intrusion Attempts •Manage network bandwidth

Beyond ports & protocols


Content Filtering Service

16M+ Website rating database used to block inappropriate and illegal content, reduces organizational liability and increases productivity

56+ • Granular level blocking based on pre-defined categories. • IP-based HTTPS content filtering to control user access to web sites over encrypted HTTPS

Report & Analyze Application traffic analytics suite - integration with Dell SonicWALL GMS® , Analyzer & Scrutinizer provides real-time and historic analysis of data transmitted through the firewall.

Did You Know? To receive eRate funding you are

required by law to install a

content filtering solution in

compliance with the Children’s

Internet Protection Act.


Enforced Client Anti-Virus and Anti-Spyware Software

Automated & Enforced

deployment of Anti-virus and Anti-spyware software to endpoints using the firewall enforcement engine minimizes administrative overhead

Always-on and most current Anti-virus protection with no end-user intervention, improves productivity and lowers security management

Policy & Reporting

Integrated policy engine with comprehensive reporting on state of each user, historical data on past infection detections and many more.

Ideal for Distributed Enterprises

Powered by McAfee


SSL DPI – Across other services

Extends Deep Packet inspection to SSL traffic scanning both LAN and WAN traffic for threats and vulnerabilities

Across Scans for SSL traffic across other security mechanisms like URL filtering, IP & GAV

Granular control Inclusion/Exclusion list to customize which traffic DPI-SSL inspection allows better management of CPU

De

ep

Pa

ck

et

Insp

ec

tio

n

NGFW Breaking the Typical Target Initiated Attack Cycle


Network Traffic Visualization

Real-time Traffic Breakdown User Traffic Consumption

Identify P2P Traffic

Bandwidth Breakdown App Traffic Drilldown


Add-on products -Wireless -WAN optimization -GMS -Analyzer -Scrutinizer -SSO


Clean Wireless

Clean Wireless Beyond encryption,

provides threat detection and

prevention scanning for all wireless traffic

High performance “AC” connectivity

Act as a replacement for wired connectivity, with

speed and extended range

Simple Deployment Centralized

management and auto-provision to remove the

complexity of high speed secure wireless

using Firewall as a wireless controller


WAN Acceleration (WXA) Series

Optimize Network Efficiency

LAN-like performance over the WAN to decrease latency and chattiness leading to a better user experience

WXA Features Protocol optimization Compression Byte caching/data de-duplication SMB/CIFS Acceleration HTTP (Web) caching

Simple Deployment Management of Security, WAN Acceleration, VPN, etc. from a single console

Automatic provisioning of the WXA appliances

Onboard Visualization to see acceleration benefits

WXA 500 Live CD

WXA 2000

WXA 4000

WXA 5000

WXA 6000 Software


Management and Reporting

Centralized Management of Security Policies and

Real-time Reporting of Security Events

Global Management System GMS

Centralized management, visualization, monitoring & alerting, analytics & reporting for Dell SonicWALL appliances.

Global Management System Centralized visualization, analytics &

reporting for Dell SonicWALL security appliances.

28

Comprehensive Anti-Spam Service

Scrutinizer IP data-flow monitoring, visualization, analytics & reporting for any network appliance.

Analyzer


Analyzer

(1) IDC's Worldwide Mobile Worker Population 2009-2013 Forecast (2) Cisco Connected World Technology Report, 2011

Dell SonicWALL Analytics and Reporting

Issues • Difficulty capturing data

for regulatory compliance audits.

• Hard to identify disruptive users.

• Hard to prove SLA levels.

Solution • Centralized console that

is easy-to-use and affordable.

• Integrated features incl. logging, analytics, and historical reporting.

Benefits • Greater efficiency via a

streamlined console. • Accurate compliance

reports via relevant data. • Higher productivity via

user activity reporting.

• Guaranteed high SLAs

and security uptime.


Scrutinizer

Identify 5000+application signatures

By Application

• Not by Port & Protocol

By User/Group – LDAP/SSO

• Not by IP

By Content Inspection

• Not by Filename

Categorize • By Application • By Application Category • By Destination • By Content • By User/Group

Control • Prioritize Apps by Policy • Manage Apps by Policy • Block Apps by Policy • Detect and Block Malware • Detect & Prevent Intrusion Attempts •Manage network bandwidth

Multi-vendor IP Data Flow Analytics and Reporting

Solution • Uncover bottlenecks and

optimize network design with a multi-vendor tool.

• Identify infected hosts inside the corporate network for remediation.

• Deliver granular reports of user, website, and application usage activity.

Issues • Imprecise isolation of

network performance issues in complex data networks.

• Untraceable breaches from within a corporate data network.

• Non-business data traffic that misuses company resources and employee time.

Benefits • Lower network costs via

optimized, bandwidth utilization.

• Proactive mitigation of

security threats before loss

occurs.

• Higher productivity by

managing user activity.


Global Management System (GMS)

Issues • High cost of managing

complex security networks. • Difficulty capturing data

for regulatory compliance audits.

• Hard to identify disruptive users.

• Cumbersome license management & renewals.

• Hard to prove SLA levels.

Solution • Centralized console to

manage, monitor, and report on SonicWALL appliances.

• Integrated features incl. logging, analytics, change control, license tracking, and historical reporting.

• Simplified tracking of license and subscription services inventory.

Benefits • Greater efficiency via a

streamlined console. • Accurate compliance

reports via relevant data. • Higher productivity via

user activity reporting.

• Greater profitability via

recurring renewals.

• Guaranteed high SLAs

and security uptime.

Dell SonicWALL Policy Management, Analytics, and Reporting


SSL VPN for firewalls

Clean VPN enables employees to telecommute safely by protecting and securing

the integrity of both IPSec and SSL VPN

access

SSL and IPSec clients

on windows, Mac, iOS and Android platforms

can be used to connect to access network resources like files,

applications and email

Gateway enforcement

And ease of management and

configuration flexibility


Single Sign-On Overview

• SSO is a transparent user authentication that provides access to network resources with a single login.

User Workstation

Authorized

passwrd123

No need for additional authentication!

Access Rules

Security Services


SonicWALL SSO Agent


Deployment Scenarios


Top Deployments 1. Traditional NAT Gateway with Security & Remote Access

2. High Availability Modes – Active/Passive with State Synchronization

– Active/Active DPI with State Synchronization

– Active/Active Clustering

3. In-Line Deployments: Wire mode or Layer 2 Bridge Mode, Tap Mode – Easy Network Insertion, no network re-numbering

4. “Clean Wireless” Deployment – Firewall as a wireless controller

– DPI on all wireless traffic

5. “CleanVPN” Deployment – Firewall as a VPN Concentrator

– DPI on all incoming VPN traffic

6. VPN Concentrator for Distributed Enterprise – Global Management System (GMS) to provision and manage branch offices

– Connectivity through central SuperMassive or E-Class NSA firewall

– All security done at the central site

7. Network Segmentation (Security Zones) – Network Segmentation via VLAN & Security Zones

– Different Security policies for each Security Zone


NGFW Wire & L2 Bridge Mode Deployment NGFW insertion into a network with an existing gateway firewall

Layer 2 Bridge or Wire Mode Deployment

Discover application usage & threats leaking through the traditional firewall

Before After


Solution Architecture (Connectivity)

Demo Rack

NGFW 120G – 320G Throughput Firewall


NGFW 120G – 320G Throughput Firewall


Solution Architecture (walking down the disaster lane)

X X X X

X

X


“Clean Wireless” Deployment


Dell SonicWALL WXA Series deployment scenario


Thank You

dell presentation template standard 4:3 layout overview and ge… · file transfers, sharing ftp,...

Documents