NSA 240 Overview
Download
Report
Transcript NSA 240 Overview
NSA 240 Overview
For End Users
New Challenges To Solve
Threats Are Increasing
Web 2.0 & SaaS
Impacts to servers, users & networks
Threats go invisible
Poor Application Visibility
Abundance of unknown application
use
Ports are ineffective at blocking
application use
Network misuse is rampant
Increased Performance Demands
2
Bandwidth efficiency is a top concern,
increasing security slows performance
Admins don’t want the tradeoff
between security and performance
Introducing the SonicWALL NSA 240
The SonicWALL® NSA240 – the first
small-form factor multi-core Unified
Threat Management (UTM) platform that
won’t compromise performance
Increase overall network productivity
Demystify the Application Landscape,
blocking or controlling the top misused
applications
Revolutionary UTM Performance
Unlimited UTM Threat Protection
Extend reliability with option 3G or
Modem Add-on Card support
RFDPI
Key Technology
Advantages Scalability
Better
Protection
3
Unlimited
Scalability
SonicWALL CONFIDENTIAL All Rights Reserved
Application Focus
Best-in-class
Performance
Application
Visibility
Next Generation Protection
Typical Protection
x Unprotected - 70% of traffic is no scanned
properly or at all
SonicWALL Solution
Protected – 100% traffic scanning including
unlimited file sizes - Truly scalable UTM
x Slow access - No method of distinguishing
business vs non-business traffic
x Mystery traffic - 25-35% Unknown
Application Use
Best in class Performance – Optimize the
network by distinguishing business vs nonbusiness traffic; deploy gigabit networking
Uncover App Usage– Identify Unknown
Application Use with the App FW Feature-set
x Limited Control - Uncontrolled web access,
not tied to users; Non-business activity
overwhelms bandwidth ; no end point
protection strategy
x No Redundancy - No failover or primary
option to 3G or Modem
Office
Network
Ultimate Control – Control web and
application access, from network to the end
point
Flexibility & Redundancy - Failover or
primary options for using 3G or Modem add
on cards with multiple ISP failover options;
stateful failover protection
NSA 240 Use Cases
User Population
1. Security Upgrade: Next Generation Security
Expanding App Usage
2.
Open Access to Internet
Increase in “Unknown”
Traffic
Limited Control Over
Content
3.
4.
Security Required By
Application
Ever-increasing thirst for
Bandwidth
Network Use
5
CONFIDENTIAL All Rights Reserved
5.
Customers who have stateful inspection and now
require complete inspection of network traffic
without the trade off between security &
performance
Bandwidth Control & Network Efficiency
Customers requiring control over business and
non-business traffic
Demystify Application Use & Provide Control
Customers require complete understanding of
network & application activity by individual user
Expansion: Delivering “Clean VPN”
Companies looking to expand their business while
deploying next generation technology to “clean” site
to site and client to site connections
Building Redundancy Into The Network
Customers can deploy 3G or modem failover OR
use them as primary interfaces in areas where
network lines are scarce or required quickly.
NSA Series Specs
Multi-core
Processor
3G Wireless Cards
NSA 240 Front
Card Slot for
3G/Modem
Category
Future
Expandability
USB ports
NSA 240
UTM
IMIX
VPN
Stateful
GAV
IPS
Conn/sec
Site-to-Site #
Total Connections
110 Mbps
195 Mbps
150 Mbps
600 Mbps
115 Mbps
195 Mbps
2,000
25/50
25,000/35,000
Total Connections UTM
12,500/17,500
6
Interface Status
Monitor
NSA 240 Back
Console
Port
3 GbE Ports
6 FE Ports
NSA 240
Gigiabit Connectivity:
9 Interfaces (3 GbE, 6 FE), 2 USB ports for
future use, PC Card Slot
More memory: 256 MB Ram, 32MB Flash
Exceptional Speed: 110 Mbps
full UTM, 150 Mbps VPN, 600 Mbps
Stateful
Redundancy & Flexibility:
3G Capability via PC Card slot (with
Express card adapter support)
Networking Features: PortShield, VLAN, L2 Bridge Modes supported
SonicOS 5.1.1 with Application Firewall (enabled via services)
Breaking Down Competitive Barriers
What makes the NSA 240 superior over the Competition?
Industry leading UTM performance
Increased Threat Prevention Capabilities
Scans more protocols
RFDPI based Deep Packet Inspection
No file size limits
No concurrent session limits
Application Inspection and policy
enforcement
Application Enforcement for better
network efficiency
Flexible Network Redundancy
Ethernet/Ethernet/3G or Modem
Secondary Gateway for VPN
Optional Stateful High Availability
SonicWALL CONFIDENTIAL All Rights Reserved
NSA 240 vs. Competition
1400
1200
Performance (Mbps)
1000
800
600
400
200
0
NSA 240
ASA 5505
SSG -20
UTM-1 Edge
Firewall Performance
VPN Performance
GAV Performance
UTM Performance
FG 100A
Edge X55e
IPS Performance
*Firewall and VPN throughput measured using UPD traffic adhering to RFC 2544. Gateway
AV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche
HTTP performance test. Cisco, Juniper, Check Point, Fortinet and WatchGuard performance
based on datasheet numbers.
Thank You!