SonicWALL Network Security Appliance (NSA) E5500 01-SSC-7038 Manuale Utente
Codici prodotto
01-SSC-7038
Network Security Appliance
SonicWALL
E
CLASS
Comprehensive, Integrated Best-of-Breed Threat Protection
Unifi ed Threat Management Load Balancing
Single processor designs that include multiple protection technologies are severely limited by a single
centralized processor. SonicWALL UTM load balancing integrates a high-speed deep packet inspection and
traffi
Single processor designs that include multiple protection technologies are severely limited by a single
centralized processor. SonicWALL UTM load balancing integrates a high-speed deep packet inspection and
traffi
c classifi cation engine onto multiple security cores inspecting applications, fi les and content-based traffi
c
in real time without signifi cantly impacting performance or scalability. This enables the scanning and control of
threats for enterprise-class networks that carry bandwidth
intensive and latency sensitive applications .
threats for enterprise-class networks that carry bandwidth
intensive and latency sensitive applications .
Unifi ed Threat Management Engine
The SonicWALL E-Class NSA UTM engine delivers the fi rst scalable application layer inspection engine that
can analyze fi les and content of any size in real time without reassembling packets or application content. This
means of inspection is designed specifi cally for real-time applications and latency sensitive traffi
The SonicWALL E-Class NSA UTM engine delivers the fi rst scalable application layer inspection engine that
can analyze fi les and content of any size in real time without reassembling packets or application content. This
means of inspection is designed specifi cally for real-time applications and latency sensitive traffi
c, delivering
complete control and inspection without having to proxy connections. Using this engine design, high-speed
network traffi
network traffi
c is inspected more effi
ciently and reliably for an improved end user experience.
E-Class Network Security Appliance Architecture
Traffic In
Single-processor Core
Single-processor
Core
Inspection
Architecture
Traffic Out
Inspection Performance
Traffic In
Traffic Out
Multi-processor Core
with Deep Packet Inspection
Deep Packet Inspection Architecture
UTM Load Balancing
Fi
re
w
all
G
at
ew
ay Anti-
V
irus
Anti-Sp
yw
ar
e
In
trusion P
rev
ention
C
ont
ent F
ilt
ering
Applica
tion C
ontr
ol
Clean VPN
Processor
Processor
Processor
Processor
Processor
Inspection Performance
SonicWALL Architecture
Competitive Architecture
Processor
Central-site Gateway
Deployed as a Central-site Gateway the NSA Series
provides a high-speed scalable platform, providing
network segmentation and security using VLAN’s and
security zones. Redundancy features include WAN Load
balancing, ISP fail-over and stateful high availability.
Deployed as a Central-site Gateway the NSA Series
provides a high-speed scalable platform, providing
network segmentation and security using VLAN’s and
security zones. Redundancy features include WAN Load
balancing, ISP fail-over and stateful high availability.
Layer 2 Bridge Mode
Layer 2 bridge mode provides inline intrusion
detection and prevention, adds an additional level
of zone-based security to network segments or
business units and simplifi es layered security.
Additionally, this enables administrators to limit
access to sensitive data by specifi c business unit or
database server.
Layer 2 bridge mode provides inline intrusion
detection and prevention, adds an additional level
of zone-based security to network segments or
business units and simplifi es layered security.
Additionally, this enables administrators to limit
access to sensitive data by specifi c business unit or
database server.
Flexible, Customizable Deployment Options
Dual ISP Failover
Stateful High Availability
Finance
Marketing
Engineering
HF Link
User Zone
Administrative
Servers
NSA Series as Central-site Gateway
NSA Series as In-line UTM Solution
Full L2-L7
Signature-based
inspection
application
awareness
Signature-based
inspection
application
awareness
Traffic In
Packet Assembly-based Process
Traffic Out
Proxy
SonicWALL Architecture
Competitive Architecture
Scanning
When proxy becomes full
or content too large,
files bypass scanning
Packet
Disassembly
Traffic In
Traffic Out
Packet Re-assembly-free Process
Re-assembly-free Packet Scanning
without proxy or content size limitations
Inspection Time
Inspection Time
Inspection Capactiy
Inspection
Capactiy