Gen6 NSA Refresh Deep Packet Inspection Next Generation Firewall technology 1. Stateful Packet Inspection 2. Intrusion Prevention – The front-line network defense against application attacks 3. Application Identification & Visualization – Can’t control what you can’t see 4. User Identification through Single Sign On (SSO) – Correlate network traffic with users 5. Application Control – Granular control (Allow Facebook, Block Social Gaming) 6. SSL Decryption – Don’t allow threats to tunnel through encrypted channels 7. Threat Prevention – 2 Confidential Anti-X (Virus/Trojan/Malware) SonicWALL NSA 3600 NSA 4600 NSA 5600 NSA 6600 Next-Gen Firewalls 3 Confidential SonicWALL Dell SonicWALL NSA Lineup replacement E6500 NSA 6600 E5500 NSA 5600 NSA 4500 NSA 3500 4 Confidential NSA 4600 NSA 3600 SonicWALL The new NSA 3600/4600/5600/6600 • 6th Generation technology now moves into the NSA Series • It’s fast Unrivaled Performance in its class • Threat Prevention • Intrusion Protection • SSL Decryption performance • It’s cool • High efficiency power • It’s now • First 10GbE firewall under $5,000! 5 Confidential SonicWALL What are the key features of the product • High performance to price ratio • High port density + 10Gb Interfaces • Single integrated solution with – – – – Industry leading IPS Best in class SSL Decryption Integrated wireless controller Application Control w/visualization • Faster processors with more cores, more system memory • Better/Lower Total Cost of Ownership compared to earlier products and competition 6 Confidential SonicWALL Looking at the box - Front 3600/4600/5600 2xUSB 1 Console 1 SD 1 GbE Management Interface 10 GbE SPF+ 1 GbE SPF 1 GbE 2 Ports LAN Bypass 6600 7 Confidential SonicWALL Looking at the box - Back 3600/4600/5600 Expansion Slot (future) SSC & 2x10 2x10GbE modules Dual Fans Single power supply Dual Hot Swappable Fans 6600 8 Confidential SonicWALL Four new NSA Models NSA 6600 • 4.5 Gbps IPS & Application Control • 12 Gbps Firewall Throughput • 3 Gbps DPI Throughput • 24x1.0 GHz, 4 GB RAM NSA 5600 • 3 Gbps IPS & Application Control • 9 Gbps Firewall Throughput • 1.6 Gbps DPI Throughput • 10x1.3 GHz, 4 GB RAM NSA 4600 • 2 Gbps IPS & Application Control • 6 Gbps Firewall Throughput • 800 Mbps DPI Throughput • 8x1.1 GHz, 2 GB RAM NSA 3600 9 Confidential • 1.1 Gbps IPS & Application Control • 3.4 Gbps Firewall Throughput • 500 Mbps DPI Throughput • 6x800 MHz, 2 GB RAM SonicWALL NSA Series Industry leading performance and PSC in an elegant, 1RU design 80% lower power consumption than Juniper SRX1400 10 Confidential 66% better DPI price to performance ratio than the Palo Alto PA2020 3X 42% higher IPS throughput than the Check Point 4600 higher GAV throughput than the Fortinet Fortigate 600C 4X better scalability (connections per second) than Palo Alto PA-2020 SonicWALL Bringing SuperMassive technology to NSA Industry leading power, space, and cooling all in an elegant 1 rack unit design. 11 Confidential The only NGFW specifically engineered for 10Gb+ enterprise networks. The only NGFW capable of scaling to meet the high DPI performance The only NGFW vendor capable of managing thousands of firewalls and low latency demands of the around the world with real-time world’s largest data centers and visualization. carriers. SonicWALL Dell SonicWALL SMB Lineup SMB/Campus/Branch Dell SonicWALL TZ Series NSA 3600 NSA 4600 NSA 5600 NSA 6600 TZ 215 TZ 205 TZ 105 12 Confidential NSA 220 NSA 250M NSA 2400 SonicWALL Performance: Gen5 vs. Gen6 13 SPI DPI IPS VPN IMIX GAV Max SPI Max DPI New C/s 6600 12.0 3.0 4.5 5.0 3.5 3.0 1M 600K 90K 6500 5.0 1.59 2.3 2.7 1.4 1.69 1M 600K 200K SPI DPI IPS VPN IMIX GAV Max SPI Max DPI New C/s 5600 9.0 1.6 3.0 4.5 2.4 1.7 750K 500K 60K 5500 3.9 0.85 2.0 1.7 1.1 1.0 750K 500K 15K SPI DPI IPS VPN IMIX GAV Max SPI Max DPI New C/s 4600 6.0 0.8 2.0 3.0 1.6 1.1 500K 250K 40K 4500 2.75 0.6 1.4 1.0 0.7 0.69 500K 250K 10K SPI DPI IPS VPN IMIX GAV Max SPI Max DPI New C/s 3600 3.4 0.5 1.1 1.5 0.9 0.6 325K 175K 20K 3500 1.5 0.24 0.75 0.625 0.58 0.35 325K 175K 7K Confidential SonicWALL NSA Series Launch Details Public Announcement – May 7 Firewall SKUs – Regular Dell SonicWALL lineup TotalSecure 1 Year – Security Bundle – Firewall + 1 year 24x7 support and security services High Availability unit – Inherits support and services from the primary appliance – No additional license necessary SecureUpgrade Plus 2/3 Year – Competitive and legacy SonicWALL upgrade program Security Subscriptions Comprehensive Gateway Security Service (Bundle) - Gateway Anti-Malware (Virus) - CloudAV Threat Prevention - Intrusion Prevention - Application Visualization - Application Control - Content/URL filtering - 24x7 Gold Support 14 Confidential Gateway Security Subscription - Intrusion Prevention - Anti-Malware - Application Control & Visualization - CloudAV Threat Prevention Content/URL Filtering Support – SEE NEXT SLIDE SonicWALL Two different levels of support : Gold Support 24x7 Gold Support for NSA 5600 and NSA 6600 • Much like the E-Class support program • Direct access to a team of highly-trained Senior Support Engineers • 24x7x365 telephone, email and web-based technical support Silver support for NSA 3600 and NSA 4600 • Much like existing NSA support • 24x7x365 • 8x5 15 Confidential SonicWALL What about the 2400? 16 Confidential SonicWALL Coming Soon! 17 Confidential SonicWALL One page specs (front) NSA Series System Information April 2013 NSA 3600 NSA 4600 6 10 GbE interfaces 8 2 x10-GbE SFP+ 1 GbE interfaces 4 x 1-GbE SFP, 12 x 1 GbE Operating system Cores Expansion 18 24 4 x10-GbE SFP+ 8 x1-GbE SFP, 8 x1 GbE (1 LAN Bypass pair) 2 GB 2 GB 4 GB 1 Expansion Slot (Rear)*, SD Card* Firewall inspection throughput 3.4 Gbps 6 Gbps Full DPI Throughput 500 Mbps 800 Mbps Application inspection throughput 1.1 Gbps 2 Gbps IPS throughput 1.1 Gbps 2 Gbps Anti-malware inspection throughput (GAV 600 thruput) Mbps 1.1 Gbps IMIX throughput 900 Mbps 1.6 Gbps SSL Inspection & Decryption (DPI SSL) 300 Mbps 500 Mbps VPN throughput (3DES/AES VPN thruput) 1.5 Gbps 3.0 Gbps Connections per second 20,000/sec 40,000/sec Maximum connections (SPI) 325,000 500,000 Maximum connections (DPI) 175,000 250,000 SonicPoints Supported (Maximum) 10 NSA 6600 1 GbE, 1 Console Management interfaces Memory (RAM) NSA 5600 SonicOS 6.1 48 64 4 GB 9 Gbps 1.6 Gbps 3 Gbps 3 Gbps 1.7 Gbps 2.4 Gbps 800 Mbps 4.5 Gbps 60,000/sec 750,000 500,000 12 Gbps 3.0 Gbps 4.5 Gbps 4.5 Gbps 3.0 Gbps 3.5 Gbps 1.3 Gbps 5.0 Gbps 90,000/sec 1,000,000 600,000 96 96 Confidential SonicWALL C97-364834-00 09/06 One page specs (back) VPN Site-to-site tunnels 800 1,500 4000 6000 IPSec VPN clients (Maximum) 50 (1,000) 500 (3,000) 2,000 (4,000) 2,000 (6,000) SSL VPN licenses (Maximum) 2 (30) Encryption/Authentication Key exchange 2 (30) 2 (50) 2 (50) DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1 Diffie Hellman Groups 1, 2, 5, 14 RIP, OSPF Route-based VPN Networking IP address assignment Static (DHCP PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP Relay NAT modes 1:1, many:1, 1:many, flexible NAT (overlapping IPS), PAT, transparent mode VLAN interfaces Routing protocols QoS Authentication VoIP Standards Certifications 19 512 BGP, OSPF, RIPv1/v2, static routes, policy-based routing, multicast Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix Full H323-v1-5, SIP TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3 VPNC, ICSA Firwall, ICSA Anti-Virus Confidential SonicWALL C97-364834-00 09/06