Network Security & Firewalls

SonicWall Network Security appliance (NSa) series

Industry-validated security effectiveness and performance for mid-sized networks and distributed enterprises and data centers

The SonicWall Network Security appliance (NSa) series provides midsized networks, branch offices and distributed enterprises with advanced threat prevention in a high-performance security platform. Utilizing innovative deep learning technologies in the SonicWall Capture Cloud Platform, the NSa series delivers the automated realtime breach detection and prevention organizations need.

Cutting-edge threat prevention with superior performance

Today's network threats are highly evasive and increasingly difficult to identify using traditional methods of detection. Staying ahead of sophisticated attacks requires a more modern approach that heavily leverages security intelligence in the cloud. Without that cloud intelligence, gateway security solutions can't keep pace with today's complex threats. NSa series nextgeneration firewalls (NGFWs) integrate two advanced security technologies to deliver cutting-edge threat prevention that keeps your network one step ahead. Enhancing SonicWall's multi-engine Capture Advanced Threat Protection (ATP) service is our patent-pending Real-Time Deep Memory Inspection (RTDMI™) technology. The RTDMI engine proactively detects and blocks mass market, zero-day threats and unknown malware by inspecting directly in memory. Because of the real-time architecture, SonicWall RTDMI technology is precise, minimizes false positives, and identifies and mitigates sophisticated attacks where the malware's weaponry is exposed for less than 100 nanoseconds. In combination, SonicWall's patented* single-pass Reassembly-Free Deep Packet Inspection (RFDPI) engine examines every byte of every packet, inspecting both inbound and outbound traffic simultaneously on the firewall. By leveraging the SonicWall Capture Cloud Platform in addition to on-box capabilities including intrusion prevention, antimalware and web/URL filtering, the NSa series blocks even the most insidious threats at the gateway.

Further, SonicWall firewalls provide complete protection by performing full decryption and inspection of TLS/SSL and SSH encrypted connections as well as non-proxyable applications regardless of transport or protocol. The firewall looks deep inside every packet (the header and data) searching for protocol non-compliance, threats, zero-days, intrusions, and even defined criteria. The deep packet inspection engine detects and prevents hidden attacks that leverage cryptography, blocks encrypted malware downloads, ceases the spread of infections, and thwarts command and control (C&C) communications and data exfiltration. Inclusion and exclusion rules allow total control to customize which traffic is subjected to decryption and inspection based on specific organizational compliance and/or legal requirements.

When organizations activate deep packet inspection functions such as IPS, antivirus, anti-spyware, TLS/SSL decryption/ inspection and others on their firewalls,network performance often slows down, sometimes dramatically. NSa series firewalls, however, feature a multi-core hardware architecture that utilizes specialized security microprocessors. Combined with our RTDMI and RFDPI engines, this unique design eliminates the performance degradation networks experience with other firewalls.

SonicWall Network Security appliance (NSa) series

Industry-validated security effectiveness and performance for mid-sized networks and distributed enterprises and data centers

The SonicWall Network Security appliance (NSa) series provides midsized networks, branch offices and distributed enterprises with advanced threat prevention in a high-performance security platform. Utilizing innovative deep learning technologies in the SonicWall Capture Cloud Platform, the NSa series delivers the automated realtime breach detection and prevention organizations need.

Cutting-edge threat prevention with superior performance

Today's network threats are highly evasive and increasingly difficult to identify using traditional methods of detection. Staying ahead of sophisticated attacks requires a more modern approach that heavily leverages security intelligence in the cloud. Without that cloud intelligence, gateway security solutions can't keep pace with today's complex threats. NSa series nextgeneration firewalls (NGFWs) integrate two advanced security technologies to deliver cutting-edge threat prevention that keeps your network one step ahead. Enhancing SonicWall's multi-engine Capture Advanced Threat Protection (ATP) service is our patent-pending Real-Time Deep Memory Inspection (RTDMI™) technology. The RTDMI engine proactively detects and blocks mass market, zero-day threats and unknown malware by inspecting directly in memory. Because of the real-time architecture, SonicWall RTDMI technology is precise, minimizes false positives, and identifies and mitigates sophisticated attacks where the malware's weaponry is exposed for less than 100 nanoseconds. In combination, SonicWall's patented* single-pass Reassembly-Free Deep Packet Inspection (RFDPI) engine examines every byte of every packet, inspecting both inbound and outbound traffic simultaneously on the firewall. By leveraging the SonicWall Capture Cloud Platform in addition to on-box capabilities including intrusion prevention, antimalware and web/URL filtering, the NSa series blocks even the most insidious threats at the gateway.

Further, SonicWall firewalls provide complete protection by performing full decryption and inspection of TLS/SSL and SSH encrypted connections as well as non-proxyable applications regardless of transport or protocol. The firewall looks deep inside every packet (the header and data) searching for protocol non-compliance, threats, zero-days, intrusions, and even defined criteria. The deep packet inspection engine detects and prevents hidden attacks that leverage cryptography, blocks encrypted malware downloads, ceases the spread of infections, and thwarts command and control (C&C) communications and data exfiltration. Inclusion and exclusion rules allow total control to customize which traffic is subjected to decryption and inspection based on specific organizational compliance and/or legal requirements.

When organizations activate deep packet inspection functions such as IPS, antivirus, anti-spyware, TLS/SSL decryption/ inspection and others on their firewalls,network performance often slows down, sometimes dramatically. NSa series firewalls, however, feature a multi-core hardware architecture that utilizes specialized security microprocessors. Combined with our RTDMI and RFDPI engines, this unique design eliminates the performance degradation networks experience with other firewalls.

SonicWall Network Security services platform (NSsp) 12000 series

Scalable, cutting-edge security that leverages the power of cloud intelligence.

The SonicWall Network Security services platform (NSsp) 12000 series takes a modern approach to threat detection and prevention by combining cloud intelligence with appliance-based protection in a scalable, high-speed platform. Designed for large distributed enterprises, data centers and service providers, NSsp series next-generation firewalls (NGFWs) leverage innovative deep learning security technologies in the Capture Cloud Platform to deliver proven protection from the most advanced threats without slowing performance.

Security for the enterprise

The volume and sophistication of today's network attacks continues to grow. Identifying and stopping unknown, zeroday threats and intrusions requires an approach that extends on-box protection with security intelligence in the cloud. Without that cloud intelligence, enterprise gateway security solutions are unable to stay ahead of today's complex threats.

The SonicWall NSsp series takes threat intelligence gathered by our dedicated Capture Labs threat research team and combines it with on-box security to deliver continuously-updated protection. SonicWall's cloud-based Capture Advanced Threat Protection (ATP) service utilizes patent-pending Real-Time Deep Memory Inspection (RTDMI™) technology to proactively detect and block mass market, zeroday threats and unknown malware by inspecting directly in memory. Because of the real-time architecture, SonicWall RTDMI technology is precise, minimizes false positives, and identifies and

mitigates sophisticated attacks where the malware's weaponry is exposed for less than 100 nanoseconds. Augmenting the cloud-based security is SonicWall's patented single-pass ReassemblyFree Deep Packet Inspection (RFDPI®) engine which inspects both inbound and outbound network traffic on the firewall. By leveraging the SonicWall Capture Cloud Platform in addition to on-box capabilities including intrusion prevention, antimalware and web/URL filtering, the NSsp series is able to provide the automated, real-time breach prevention enterprise organizations need.

With the increase in the number of encrypted web connections, it's essential that NGFWs are able to inspect encrypted traffic for hidden threats. SonicWall firewalls provide complete protection by performing full decryption and inspection over hundreds of thousands of TLS/SSL and SSH encrypted connections regardless of port or protocol. The firewall looks deep inside every packet for protocol anomalies, threats, zero-days, intrusions, and even defined criteria. The deep packet inspection engine detects and prevents hidden attacks that leverage cryptography, blocks encrypted malware downloads, ceases the spread of infections, and thwarts command and control (C&C) communications and data exfiltration. Inclusion and exclusion rules allow total control to customize which traffic is subjected to decryption and inspection based on specific organizational compliance and/or legal requirements.

As organizations grow, the need for scalable security takes on greater importance. SonicWall supports growing enterprise networks with a solution that eliminates concerns around the need for adding more processing power. The NSsp 12400 includes four processor modules that can be upgraded to eight, while the NSsp 12800 comes with eight processor modules out of the box.

SonicWall Network Security services platform (NSsp) 12000 series

Scalable, cutting-edge security that leverages the power of cloud intelligence.

The SonicWall Network Security services platform (NSsp) 12000 series takes a modern approach to threat detection and prevention by combining cloud intelligence with appliance-based protection in a scalable, high-speed platform. Designed for large distributed enterprises, data centers and service providers, NSsp series next-generation firewalls (NGFWs) leverage innovative deep learning security technologies in the Capture Cloud Platform to deliver proven protection from the most advanced threats without slowing performance.

Security for the enterprise

The volume and sophistication of today's network attacks continues to grow. Identifying and stopping unknown, zeroday threats and intrusions requires an approach that extends on-box protection with security intelligence in the cloud. Without that cloud intelligence, enterprise gateway security solutions are unable to stay ahead of today's complex threats.

The SonicWall NSsp series takes threat intelligence gathered by our dedicated Capture Labs threat research team and combines it with on-box security to deliver continuously-updated protection. SonicWall's cloud-based Capture Advanced Threat Protection (ATP) service utilizes patent-pending Real-Time Deep Memory Inspection (RTDMI™) technology to proactively detect and block mass market, zeroday threats and unknown malware by inspecting directly in memory. Because of the real-time architecture, SonicWall RTDMI technology is precise, minimizes false positives, and identifies and

mitigates sophisticated attacks where the malware's weaponry is exposed for less than 100 nanoseconds. Augmenting the cloud-based security is SonicWall's patented single-pass ReassemblyFree Deep Packet Inspection (RFDPI®) engine which inspects both inbound and outbound network traffic on the firewall. By leveraging the SonicWall Capture Cloud Platform in addition to on-box capabilities including intrusion prevention, antimalware and web/URL filtering, the NSsp series is able to provide the automated, real-time breach prevention enterprise organizations need.

With the increase in the number of encrypted web connections, it's essential that NGFWs are able to inspect encrypted traffic for hidden threats. SonicWall firewalls provide complete protection by performing full decryption and inspection over hundreds of thousands of TLS/SSL and SSH encrypted connections regardless of port or protocol. The firewall looks deep inside every packet for protocol anomalies, threats, zero-days, intrusions, and even defined criteria. The deep packet inspection engine detects and prevents hidden attacks that leverage cryptography, blocks encrypted malware downloads, ceases the spread of infections, and thwarts command and control (C&C) communications and data exfiltration. Inclusion and exclusion rules allow total control to customize which traffic is subjected to decryption and inspection based on specific organizational compliance and/or legal requirements.

As organizations grow, the need for scalable security takes on greater importance. SonicWall supports growing enterprise networks with a solution that eliminates concerns around the need for adding more processing power. The NSsp 12400 includes four processor modules that can be upgraded to eight, while the NSsp 12800 comes with eight processor modules out of the box.

The SonicWall Network Security services platform (NSsp) 12000 series takes a modern approach to threat detection and prevention by combining cloud intelligence with appliance-based protection in a scalable, high-speed platform. Designed for large distributed enterprises, data centers and service providers, NSsp series next-generation firewalls (NGFWs) leverage innovative deep learning security technologies in the Capture Cloud Platform to deliver proven protection from the most advanced threats without slowing performance.

Security for the enterprise

The volume and sophistication of today's network attacks continues to grow. Identifying and stopping unknown, zeroday threats and intrusions requires an approach that extends on-box protection with security intelligence in the cloud. Without that cloud intelligence, enterprise gateway security solutions are unable to stay ahead of today's complex threats.

The SonicWall NSsp series takes threat intelligence gathered by our dedicated Capture Labs threat research team and combines it with on-box security to deliver continuously-updated protection. SonicWall's cloud-based Capture Advanced Threat Protection (ATP) service utilizes patent-pending Real-Time Deep Memory Inspection (RTDMI™) technology to proactively detect and block mass market, zero-day threats and unknown malware by inspecting directly in memory. Because of the real-time architecture, SonicWall RTDMI technology is precise, minimizes false positives, and identifies and mitigates sophisticated attacks where the malware's weaponry is exposed for less than 100 nanoseconds. Augmenting the cloud-based security is SonicWall's patented single-pass ReassemblyFree Deep Packet Inspection (RFDPI®) engine which inspects both inbound and outbound network traffic on the firewall. By leveraging the SonicWall Capture Cloud Platform in addition to on-box capabilities including intrusion prevention, antimalware and web/URL filtering, the NSsp series is able to provide the automated, real-time breach prevention enterprise organizations need.

With the increase in the number of encrypted web connections, it's essential that NGFWs are able to inspect encrypted traffic for hidden threats. SonicWall firewalls provide complete protection by performing full decryption and inspection over hundreds of thousands of TLS/ SSL and SSH encrypted connections regardless of port or protocol. The firewall looks deep inside every packet for protocol anomalies, threats, zerodays, intrusions, and even defined criteria. The deep packet inspection engine detects and prevents hidden attacks that leverage cryptography, blocks encrypted malware downloads, ceases the spread of infections, and thwarts command and control (C&C) communications and data exfiltration. Inclusion and exclusion rules allow total control to customize which traffic is subjected to decryption and inspection based on specific organizational compliance and/or legal requirements.

As organizations grow, the need for scalable security takes on greater importance. SonicWall supports growing enterprise networks with a solution that eliminates concerns around the need for adding more processing power. The NSsp 12400 includes four processor modules that can be upgraded to eight, while the NSsp 12800 comes with eight processor modules out of the box.