Sonicwall Product Lines

SonicWall Product Lines

March 2021

Overview • Network Security

Secure your organization’s public/private cloud, applications, • Wired Security users and data with a deep level of protection that won’t • Wireless Security compromise network performance. The SonicWall Capture Cloud Platform tightly integrates security, management, • Endpoint Security analytics and real-time threat intelligence across the • WAN Acceleration company’s portfolio of network, wireless, email, mobile, web • Advanced Security Services and cloud security products. This approach enables small and mid-sized businesses, to large enterprise environments, • Cloud App Security government, retail point-of-sale, education, healthcare • Cloud Edge Secure Access and service providers to experience our complete security ecosystem that harnesses the power, agility and scalability of • Secure Mobile Access the cloud. • Email Security The Capture Cloud Platform strategy and vision for the future • Management, Reporting and Analytics are continuous innovation and development of containerized • Professional Services and Support as-a-service security applications that are easily programmable and provisioned on-demand. It is comprised of The combination of these delivers mission-critical layered the following key core components and capabilities: cyber defense, threat intelligence, analysis and collaboration, along with common management, reporting and analytics that work synchronously together. Network Security • Application intelligence, control For example, our high-end NSsp and real-time visualization multi-instance firewall ensures SonicWall is one of the leading high quality-of-service level with • Website/URL filtering providers of next-generation firewalls uninterrupted network availability and (content filtering) (NGFWs). Either the SonicOS or the connectivity demanded by today’s SonicOSX firmware is at the core • Virtual private networking (VPN) enterprises, government agencies, of every SonicWall NGFW. SonicOS over SSL or IPSec service providers and universities leverages our scalable, hardware with 100/40/10 Gbps infrastructures. architecture plus our patent-pending • Wireless security Leveraging innovative deep learning Real-Time Deep Memory Inspection security technologies in the SonicWall ™ • Hybrid and multi-cloud security (RTDMI ) and our patented*, single- Capture Cloud Platform, the NSsp pass, low-latency, Reassembly-Free • Stateful failover/failback series delivers proven protection from Deep Packet Inspection® (RFDPI) the most advanced threats without Moreover, SonicWall firewalls deliver fast engines that scan all traffic regardless slowing performance. of port or protocol. response and continuous protection against zero-day threats from the Unified Policy with SonicOSX 7 Our NGFWs ensure that every byte Capture Labs Threat Research Team. The unified policy management feature of every packet is inspected, while This team gathers, analyzes and vets in SonicOSX 7 offers integrated maintaining the high performance cross-vector threat information from management of access and security and low latency that busy networks a variety of threat intelligence sources, policies across certain SonicWall high- require. Unlike competitive offerings, including over one million globally end NSsp and NSv virtual firewalls. the single-pass RFDPI engine placed sensors within its Capture enables simultaneous, multi-threat Threat Network. It comes with a new web interface that and application scanning, as well as SonicWall Network Security services is designed with a radically different analysis of any size file, without packet platform (NSsp) series approach. The emphasis is on user-first reassembly. This enables SonicWall design, which leads to a more intuitive NGFWs to massively scale to extend The SonicWall NSsp series NGFW set up of contextual security policies state-of-the-art security to growing and platform is designed to deliver through actionable alerts, and with distributed enterprise networks and scalability, reliability and deep point-and-click simplicity. data centers. security at multi-gigabit speeds for large networks. Visually, it is also more attractive SonicWall NGFWs offer a range of than the classic interface. In a single- robust capabilities, including: NSS Labs has assessed SonicWall pane view of a firewall, the interface firewalls using one of the most • Capture ATP cloud-based presents the user with information on rigorous real-world performance test multi-engine sandboxing the effectiveness of various security of NGFWs, and SonicWall excels in rules. It enables the user to modify the • SD-WAN security effectiveness, performance, predefined rules for gateway antivirus, scalability, reliability and TCO. For the antispyware, content filtering, intrusion • REST APIs fifth time, SonicWall firewalls have set prevention, geo-IP filtering and deep- the standard for high performance • Decryption and inspection of packet inspection of encrypted traffic application control and threat encrypted traffic in a seamless fashion. prevention in various deployment • Intrusion prevention service (IPS) use cases, from small businesses With this new unified policy interface, to large data centers, carriers and SonicWall delivers a more streamlined • Malware protection service providers. experience to control dynamic traffic changes in less time, and for a better overall security posture.

*U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,361; 7,991,723

2 SonicWall Network Security government organizations, and interfaces, Secure SD-WAN, built-in and appliance (NSa) series distributed enterprises with remote expandable storage, TLS 1.3 support sites and branch offices. Unlike and 5G readiness while delivering The SonicWall Network Security consumer-grade products, the TZ ground-breaking performance. appliance (NSa) series is the one of series consolidates highly effective Redundant power supplies, 802.11ac the most secure, highest performing anti-malware, intrusion prevention, Wave 2 support and expandable NGFW available. It delivers business- content/URL filtering and application storage further enhances the class security without compromising control capabilities over wired and capabilities of these devices. Designed performance, using the same wireless networks — along with broad for mid-sized organizations and architecture as the flagship NSsp mobile platform support for laptops, distributed enterprise with SD-Branch NGFW series — developed for the smartphones and tablets. It provides locations, the new generation TZ series world’s most demanding carriers and full deep packet inspection (DPI) at very firewalls deliver industry-validated enterprises. At the same time, it offers high performance levels, eliminating the security effectiveness with best-in- SonicWall’s acclaimed ease of use and network bottleneck that other products class price-performance. high value. introduce, and enables organizations to SonicWall Network Security virtual Based on years of research and realize productivity gains. (NSv) series development, the NSa series is As with all SonicWall firewalls, the TZ designed from the ground up for SonicWall Network Security virtual series inspects the whole file, including distributed enterprises, medium- (NSv) firewalls extend automated TLS/SSL-encrypted files, to enable sized businesses, branch offices, breach detection and prevention into complete protection. Additionally, the school campuses and government hybrid and multi-cloud environments TZ series offers application intelligence agencies. The NSa series combines a with virtualized versions of SonicWall and control, advanced application revolutionary multi-core architecture next-generation firewalls. With full- traffic analytics and reporting, Internet with cloud-based Real-Time Deep featured security tools and services Protocol Security (IPsec) and SSL VPN, Memory Inspection (RTDMI) technology equivalent to a SonicWall NSa firewall, multiple ISP failover, load balancing and and a patented RFDPI single-pass NSv effectively defends your virtual SD-WAN. Optional integrated Power threat-prevention engine in a massively and cloud environments from resource over Ethernet (PoE) and high-speed scalable design. This offers industry- misuse attacks, cross-virtual-machine 802.11ac wireless enable organizations leading protection, performance and attacks, side-channel attacks and to extend their network boundaries scalability, with the highest number of all common network-based exploits easily and securely. Combined with concurrent connections, lowest latency, and threats. SonicWall switches, the TZ series no file size limitations and superior firewalls provide the flexibility to NSv is easily deployed and provisioned connections-per-second in its class. securely grow the business with the in a multi-tenant virtual environment, SonicWall TZ series ease of Zero-Touch Deployment, but typically between virtual networks without adding complexity. (VNs). It establishes access control The SonicWall TZ series is comprised measures to preserve data and VM of highly reliable, highly secure unified The latest-generation TZ series is safety while capturing virtual traffic threat management (UTM) firewalls the first desktop form factor to bring between virtual machines and networks designed for small- to medium-sized multi-gigabit (2.5/5/10G) or gigabit for automated breach prevention. businesses (SMB), retail deployments,

3 With infrastructure support for high CSa lets you analyze malware hidden Wireless Security availability (HA) implementation, NSv in a broad range of file types, file fulfills scalability and availability sizes and operating environments, SonicWall makes wireless networking requirements of Software Defined for comprehensive zero-day threat secure, simple and affordable with Data Center (SDDC). Easily deployed detection. It detects and stops side- the innovative SonicWall Wireless as a virtual appliance in private cloud channel attacks through real-time Network Security solution. The platforms such as VMWare ESXi, memory-based inspection. By forcing solution provides ultimate flexibility by Linux KVM, or Microsoft Hyper-V, or malware to reveal its weaponry into management via firewalls or cloud. The in AWS or Microsoft Azure public memory, CSa proactively blocks mass- high-performance SonicWave Series cloud environments. Leverage flexible market, zero-day and unknown threats. 802.11ac Wave 2 wireless access BYOL and PAYG licensing models with CSa supports closed networks and can points can be easily managed via the NSv and provide organizations all the be used with the latest SonicWall next- Wireless Network Manager or SonicWall security advantages of a physical generation firewalls. firewalls. SonicWave access points can be untethered from the firewalls and firewall with the operational and Wired Security economic benefits of virtualization. deployed independently. SonicWall Switches deliver high-speed Certain NSv firewall models feature In addition to the high-speed wireless network switching with unparalleled SonicOSX with Unified Policy, delivering access points and cloud-managed performance and manageability. They a more streamlined experience to dashboard, SonicWall wireless security feature high port density, optional control dynamic traffic changes in solution includes WiFi Planner, an Power over Ethernet (PoE) and 1- or less time, and provide a better overall advanced site-survey tool to help 10-gigabit throughput. Ideal for security posture. admins plan and deploy WiFi networks SMBs and Software-Defined Branch effectively. The solution also consists Capture Security appliance (SD-Branch) networks, they enable of SonicExpress mobile app for easy 1000 (CSa 1000) any size businesses to undergo onboarding and monitoring of access digital transformation and keep points to provide admins real-time To comply with regulations and privacy pace with the changing network and information on network status standards, you need a budget-friendly security landscape. and security. threat analysis platform that malicious code can’t detect and evade. SonicWall SonicWall Switches can be managed via Our solution goes beyond mere Capture Security appliance (CSa) SonicWall firewalls or Wireless Network secure wireless solutions by securing is an on-premises file analysis and Manager (WNM). WNM seamlessly wireless networks with RTDMI and malware detection solution featuring integrates wired and wireless security RFDPI technologies and delivers SonicWall Real-Time Deep Memory end-to-end for a unified security advanced security features such as Inspection (RTDMI). RTDMI enables posture. This simplifies deployment, multi-engine sandboxing, content CSa to catch more malware, faster and management and troubleshooting, filtering, Cloud AV directly on the more effectively. Its low false positive and eliminates gaps that may arise access point, without the need for a rate enhances security and end with third-party switches. SonicWall firewall. Further enhance security and user experience. Switches can be rolled out quickly performance on your network with across distributed branches using features including intrusion prevention, Zero-Touch Deployment. TLS/SSL decryption and inspection and

4 application control for enterprise-level Endpoint security products have (DPI-SSL) easier with a better end user performance and protection. been on the market for years but experience, Capture Client enables administrators struggle with: administrators to push SSL certificates SonicWave APs supports fast the endpoint much easier than before. roaming, so that users can roam from • Keeping security products up to date one location to another seamlessly. On top of this, Capture Client features • Enforcing policies on a global scale Its feature-rich portfolio includes an advanced antivirus engine designed captive portal, auto channel selection, • Getting reports and viewing health to stop the most ingenious malware spectrum analysis, air-time fairness, of tenants with a rollback option to return band steering and signal analysis tools to a previously uninfected state. for monitoring and troubleshooting. • Threats coming through and Furthermore, Capture Client Advanced creating encrypted channels integrates with SonicWall Capture SonicWall lowers total cost of Advanced Threat Protection (ATP) to • Understanding alerts and ownership (TCO) by enabling examine suspicious files to better stop remediation steps administrators to avoid implementing attacks before they activate. and separately managing an expensive • Cataloging applications and their wireless-specific solution that runs in vulnerabilities Administrators can now catalog all parallel to their existing wired network. applications on every Capture Client Endpoint Security • Stopping threats like ransomware protected endpoint with reporting on known vulnerabilities within • Fileless attacks and infected the ecosystem. The management and security of USB devices bypassing endpoints is critical in today’s business perimeter defenses The Global Dashboard has been climate. With end users in and out designed to let MSSPs see the number of the network with their devices, as SonicWall Capture Client is a unified of infections, what vulnerabilities are well as encrypted threats reaching client platform that will deliver multiple present and the version of Capture endpoints unchecked, something endpoint protection capabilities. Client installed by each tenant. They must be done to protect these devices. This solution features a cloud- can see what and who is being blocked With the growth of ransomware and based management console and an the most by Content Filtering, and application vulnerabilities, endpoints optional complete integration with they can see which devices are online are the battleground of today’s SonicWall next-generation firewalls and operating as well. Global Policy threat landscape. for a unified security experience for SonicWall customers. Combined allows administrators to apply a single Additionally, administrators struggle with enforcement capabilities, baseline policy to all tenants. This with the visibility and management SonicWall Capture Client can ensure makes it easier to spin up new tenants of their security posture. They are that endpoints are running security and quickly create protections for new also challenged by having to provide software and/or have an embedded SSL threats across all tenants on this policy. consistent assurance of client security, certificate in place for the inspection of along with easy-to-use and actionable encrypted traffic. Furthermore, in order intelligence and reporting. to make the inspection of SSL traffic

5 SonicWall Capture Client address, URLs and domains on Unlike standalone WAN acceleration features include: devices away from the network products, WXA solutions are integrated add-ons to SonicWall NSa and TZ • Policy-based Device Control • Security enforcement series firewalls. This integrated to block potentially infected solution streamlines the placement, • DPI-SSL certificate management storage devices deployment, configuration, routing, • Continuous behavioral monitoring WAN Acceleration management and integration of the WXA with other components, such as • Highly accurate determinations The SonicWall WAN Acceleration (WXA) VPNs. When deployed in conjunction achieved through machine learning series reduces application latency and with a SonicWall NGFW running conserves bandwidth, significantly • Multiple layered heuristic-based Application Intelligence and Control enhancing WAN application techniques Service, the WXA offers the unique performance and user experience for combined benefit of both prioritizing • Application Vulnerability small- to medium-sized organizations application traffic and minimizing traffic Intelligence with remote and branch offices. After between sites, resulting in optimal initial data transfer, the WXA series network performance. • Unique rollback capabilities dramatically reduces all subsequent • Capture Advanced Threat traffic by transmitting only new or Learn more about SonicWall network Protection network changed data across the network. security products at: www.sonicwall. sandbox integration The WXA deduplicates data traversing com/en-us/products. the WAN, remembers previously • Global Dashboard and Global Policy transferred data, and replaces repeated with Inheritance byte sequences with an identifier, thus reducing application latency • One-click lookup of suspicious and conserving bandwidth. Other files against Capture ATP’s threat acceleration features include data intel database of convictions and caching, file deduplication, metadata acquittals caching, HTTP (web) caching and • Content Filtering to enforce web data-in-flight compression. policies and block malicious IP

6 Advanced Security Services Learn more about network security Comprehensive Anti-Spam Service, services and add-ons at: www. Network Visibility, 24x7 Support, SonicWall network security firewall sonicwall.com/en-us/products/ Cloud Management, Cloud-based services and add-ons offer highly firewalls/security-services. Reporting for 7 Days and optional effective, advanced protection for Premier Support. organizations of all sizes, to help defend SonicWall offers three subscription against security threats, gain greater bundles on Gen 7 TZ series firewalls: TotalSecure Threat Edition security control, enhance productivity Threat Protection Services Suite, – Firewall plus the Threat Protection and lower costs. Essential Protection Services Suite Services Suite. and Advanced Protection Services Services and add-ons for Gen 6 Suite. The Threat Protection Services TotalSecure Essential Edition series include: Suite includes basic security services – Firewall plus the Essential Protection needed to ensure that the network Services Suite. • TotalSecure Advanced bundle – is protected from threats in a cost- Firewall plus the Advanced Gateway TotalSecure Advanced Edition effective bundle. Add SonicWall Security Suite bundle (multi-engine – Firewall plus the Advanced Protection Essential bundle to gain essential sandboxing, anti-virus, anti- Services Suite. security services needed to protect spyware, intrusion prevention, against known & unknown threats, application intelligence, content/ while Advanced tier offers advanced Inspect Deep Memory web filtering and 24x7 support) security to extend the security of your • Advanced Gateway Security network with added cloud essential A patent-pending technology, Suite bundle – Capture Advanced security services. the SonicWall Real-Time Deep Threat Protection, gateway anti- Memory Inspection (RTDMI) virus, anti-spyware, intrusion Threat Protection Services Suite, engine proactively detects and prevention, content/web filtering available only on TZ270/370/470 blocks unknown mass-market and 24x7 support series, includes Gateway Anti-Virus, malware via deep memory Intrusion Prevention and Application inspection in real time. Available • Gateway security services – Control, Content Filtering Service, now with the SonicWall Capture Gateway anti-virus, anti-spyware, Network Visibility and 24x7 Support. Advanced Threat Protection intrusion prevention and application (ATP) cloud sandbox service, the intelligence and control Essential Protection Services engine identifies and mitigates Suite includes Capture Advanced even the most insidious modern threats, including future • Capture Advanced Threat Threat Protection with RTDMI Meltdown exploits. Protection (ATP) Technology, Gateway Anti-Virus, • Content filtering services Intrusion Prevention and Application Control, Content Filtering Service, • Enforced client ant-virus and Comprehensive Anti-Spam Service, anti-spyware software Network Visibility and 24x7 Support.

• Comprehensive anti-spam service Advanced Protection Services • Deep packet inspection of TLS/ Suite includes Capture Advanced SSL-encrypted traffic (DPI-SSL) Threat Protection with RTDMI Technology, Gateway Anti-Virus, • Application intelligence and control Intrusion Prevention and Application Control, Content Filtering Service, • Intrusion prevention system (IPS)

7 Cloud App Security unsanctioned IT applications, and behavior analytics with over 300 threat Cloud App Security - Shadow IT enforce access policies to block indicators to determine if legitimate risky applications. accounts are being exploited by SonicWall Cloud App Security - cybercriminals. Using ML and AI Shadow IT is a cloud service that Cloud App Security - Shadow IT offers: capabilities, the solution blocks delivers real-time visibility and control impersonation attacks, including • Shadow IT discovery of cloud application usage. retroactive scanning of activities. Leverage existing firewall log files Its comprehensive dashboard enables to automate cloud discovery to administrators to discover usage For SaaS and file-sharing applications identify applications being used of risky applications, track user such as OneDrive, Cloud App Security and their risk posture activity, and set app control (block/ – SaaS Security applies SonicWall unblock) policies on sanctioned and • Real-time application visibility Capture ATP’s multi-sandbox engines unsanctioned applications to protect Monitor usage in real-time with to detect never-before-seen malware. sensitive corporate data. an intuitive dashboard view that It does both historical and real-time provides details of applications scans of files and data, whether at By integrating with SonicWall next- being used, traffic volume, user rest or traversing a SaaS environment, generation firewalls (NGFW), the Cloud activity and location of use internally or cloud-to-cloud. App Security - Shadow IT can leverage Additionally, the solution’s DLP feature the existing network infrastructure to • Application classification protects data at rest by limiting access gain visibility into cloud usage. and control to only sanctioned applications and Classify unmanaged cloud preventing unauthorized data uploads. SonicWall NGFWs analyze and log applications into Sanctioned Apps all traffic entering and leaving the (IT approved) or Un-Sanctioned As a SaaS service, Cloud App Security network. Logs generated for outbound Apps (not IT approved), and set – SaaS Security is can be activated traffic data do not clearly distinguish allow/block policies based on and operational within minutes. With the cloud applications being used and the application risk score unlimited scalability, the solution helps don’t provide a risk score for each Cloud App Security - SaaS Security any size organization immediately add application used by employees. protection for its SaaS application The SonicWall Cloud App Security users, whether a few hundred or For remote employees redirected – SaaS Security solution protects hundreds of thousands distributed through NGFW using VPN, the solution popular SaaS email, collaboration across the globe. Every SaaS app gathers additional detail from these and productivity applications has a separate policy engine, each logs on the actions users take within including Office 365 email, SharePoint, with its own rules and enforcement cloud services. Cloud App Security OneDrive, G-Suite, Dropbox and Box. capabilities. This way, you can commit - Shadow IT processes log files from Its protection coverage includes: a specific policy for each SaaS SonicWall NGFWs, and reveals which application based on your security cloud services are in use by which • Business Email Compromise (BEC) requirements for each. users, data volumes uploaded to and downloaded from the cloud, and • Data Loss Prevention (DLP) Without the need to install and manage the risk and category of each cloud • Account Takeover (ATO) hardware and software, Cloud App service. In effect, the solution Security – SaaS Security eliminates makes the existing infrastructure • Advanced malware and zero-day the capital expense, complex cloud-aware. threat in malicious attachments installation and on-going maintenance and stored files costs associated with deploying an With employees increasingly using on-prem alternative solution. cloud applications for work, Cloud • Targeted phishing App Security - Shadow IT enables • Fraud attempts Learn more about SonicWall Cloud administrators to detect gaps in App Security at www.sonicwall.com/ security posture, classify cloud Cloud App Security – SaaS Security cloud-security applications into sanctioned and uses advanced user profiling and

8 Cloud Edge Secure Access • Cloud-direct, reliable access from Furthermore, the separation of Evolution of Traditional VPN to Zero- anywhere functions also makes Cloud Edge Trust Security Secure Access impervious to common As a cloud-native service, it delivers a cyber threats, such as DDoS, public simple Network-as-a-Service (NaaS) Today’s employees want the flexibility Wi-Fi hijacking, SYN flood, and Slowloris. for site-to-site and hybrid cloud to work from anywhere — and today’s Additional Benefits: organizations want to take advantage connectivity with integrated Zero-Trust and Least-Privilege security. of the cost savings and operational • Security solution for distributed efficiencies offered by the cloud. The combination prevents threats from enterprises and remote workforce But traditional VPN solutions weren’t moving laterally by applying four core • Instant, secure access to sites and built for this new reality. Deploying one security actions: resources on hybrid clouds can take days or even weeks. Supply • Verify all user and device availability issues mean they may or • Scales from 100 users to credentials, even for internal traffic may not be available, and once you thousands of users have one in place, it can be difficult to • Contextualize the request to ensure • Security for public Wi-Fi use schedule downtime. authenticity and compliance with corporate guidelines • High-performance WireGuard Worse, they can offer a back door into encryption your network, as any successful login • Micro-segment network access to grants broad network access and stop threats from moving laterally • Cloud Identity Provider integration allows for lateral movement within the • Grant access to the requested • Modern SSO and MFA Integration network subnet. applications and nothing more. • SIEM integration And because the user traffic loops Organizations can now empower through the on-premise VPN • Multi-tenancy for MSSPs remote workforces and protect high- concentrator instead of going directly value business assets at the same time. • Complete monitoring and reporting to the cloud, VPN creates latency that for compliance audits decreases efficiency and degrades Worldwide cloud-native service that takes minutes to deploy users’ cloud experience. • Dedicated per-customer cloud gateways and IP addresses SonicWall Cloud Edge is supported by Gartner predicts that by 2023, 60% of over 30 global points of presence (PoPs). enterprises will phase out most of their • Available in USA, Europe, Middle East and Asia remote access virtual private networks The global service allows IT managers (VPNs) in favor of Zero-Trust Network to connect a branch office and deploy Learn more about SonicWall Cloud Access (ZTNA). the service in 15 minutes. And end- Edge Secure Access at www.sonicwall. Network-as-a-Service with users can install the SonicWall Cloud com/products/cloud-edge-secure- Integrated Zero-Trust Security to Edge client and become productive in access Protect High-Value Assets 5 minutes. Secure Mobile Access With Cloud Edge Secure Access, The infrastructure is built on the SonicWall offers a ZTNA solution that Software-Defined Perimeter (SDP) The SonicWall Secure Mobile Access overcomes these problems while architecture, which separates the (SMA) series is the unified secure providing a host of other benefits. At centralized controller from the access gateway for organizations the core of SonicWall Cloud Edge gateways which act as trust brokers. facing challenges in mobility, work- Secure Access are three essential at-home, BYOD and cloud migration. capabilities: By distributing the SDP gateways, The solution enables organization Cloud Edge Secure Access can scale to provide anytime, anywhere and • Least-Privilege access to protect rapidly, maintain high performance any device access to mission critical corporate assets and deliver the best cloud corporate resources. SMA’s granular experience possible. access control policy engine, context • Fast self-service deployment aware device authorization, application

9 level VPN and advanced authentication SaaS applications that use SAML 2.0 with FIPS 140-2 Level 2 certification. with single sign-on empowers and campus hosted applications The SMA virtual appliances offer the organizations to embrace BYOD and that use RADIUS or Kerberos. SMA same robust secure access capabilities mobility in a hybrid IT environment. integrates with multiple authentication, on major virtual and cloud platforms authorization and accounting servers such as Hyper-V, VMware, AWS and In addition, SMA reduces the surface and leading Multi-factor authentication Azure. Whether you choose to deploy area for threats by providing features (MFA) technologies for added security. physical appliances, virtual appliances such as Geo IP and Botnet detection, Secure SSO is delivered only to or a combination of the two, SMA Web Application Firewall and Capture authorized endpoint devices after fits seamlessly into your existing ATP sandbox integration. checks for health status IT infrastructure. Mobility and BYOD and compliance. SMA Web Application Firewall Managed service providers For organizations wishing to embrace The SonicWall SMA100 series Web BYOD, flexible working or offshore For organizations with data centers or Application Firewall (WAF) enables development, SMA becomes the for managed service providers, SMA a defense-in-depth strategy by central enforcement point across provides turnkey solution to deliver augmenting perimeter security to them all. SMA delivers best-in-class a high degree of business continuity protect your web applications running security to minimize surface threats, and scalability. The SonicWall's SMA in a private, public or hybrid cloud while making organizations more can support up to 20,000 concurrent environment. SMA100 series WAF secure by supporting latest encryption connections on a single appliance with offers web application protection and algorithms and ciphers. SonicWall's the ability to scale upwards of a million information disclosure protection while SMA allows administrators to provision users through intelligent clustering. accelerating web application delivery secure mobile access and role-based Reduce costs at data centers with capabilities that enable application- privileges so end-users get fast, simple active-active HA clustering (Global aware load balancing, SSL offloading access to the business applications, High Availability) and built-in dynamic for resilience and an enhanced digital data and resources they require. At the load balancer (Global Traffic Optimizer), engagement and experience. same time, organizations can institute which reallocates global traffic to the secure BYOD policies to protect their most optimized data center in real-time Additional benefits also include: corporate networks and data from based on user demand. SMA empowers • Protection against known and rogue access and malware. service owners through a series of zero-day vulnerabilities with virtual Move to the cloud tools to deliver a service with zero patching and custom rules downtime and allows very aggressive For organizations embarking on a cloud SLAs to be fulfilled. • Defense against latest migration journey, SMA offers a single SMA Appliances vulnerabilities and threats outlined sign-on (SSO) infrastructure that uses by OWASP, including SQL injection single web portal to authenticate users SonicWall SMA can be deployed and cross-site scripting (XSS) in a hybrid IT environment. Whether the as a hardened, high-performance corporate resource is on-premises, on appliance or as a virtual appliance • Stopping attackers from the web or in a hosted cloud, the access leveraging shared computing spreading malware and initiating experience is consistent and seamless. resources to optimize utilization, C&C shell session Users do not need to remember all ease migration and reduce capital • Strong session management and the individual application URLs and costs. The hardware appliances are authentication requirements such maintain exhaustive bookmarks. With built on a multi-core architecture that OTP, 2FA and SSO Workplace, a centralized access portal, offers high performance with SSL you give users one URL to access all acceleration, VPN throughput and • Ensuring server high-availability mission critical applications from a powerful proxies to deliver robust protection against application DoS/ standard Web browser. SMA provides secure access. For regulated and DDoS attacks federated SSO to both cloud hosted federal organizations, SMA is available

10 Management and Reporting Whether you need to provide reliable, business, a large, distributed enterprise, secure access to 5 users from a single or a managed service provider (MSP), SonicWall provides an intuitive web- data center or scale up to thousands’ you need a cost-effective way to deploy based management platform to of users from globally distributed data email security and encryption, and the streamline appliance management centers, SonicWall SMA has a solution scalability to easily grow capacity for while providing extensive reporting for you. — and delegate management across — capabilities. The easy-to-use GUI organizational units and domains. brings clarity to managing multiple Learn more about SonicWall mobile machines. Unified policy management security products at: www.sonicwall. Also, to manage costs and resources, helps you create and monitor access com/products/remote-access/ organizations are adopting Microsoft policies and configurations. One single Email Security Office 365 and Google G Suite. policy configuration can manage your While these offer built-in security users, devices, applications, data and Email is crucial for your business functionalities, to combat advanced networks. Automate routine tasks communication, but it is also the email threats organizations require a and schedule activities, freeing up number-one attack vector for threats next-generation email security solution security teams from repetitive tasks to such as ransomware, phishing, that seamlessly integrates with Office focus on strategic security tasks like business email compromise (BEC), 365 and G Suite, to protect them incidence response. spoofing, spam and viruses. What’s against today’s advanced threats. Empower your IT department to provide more, government regulations now SonicWall Email Security Appliances the best experience and the most hold your business accountable Easy to set up and administer, secure access, depending on the user for protecting confidential data and SonicWall Email Security is designed scenario. Choose from a range of fully ensuring it is not leaked and that email to cost-effectively scale from 10 clientless web-based secure access containing sensitive customer data to 100,000 mailboxes. It can be for vendors and third-party contractors, or confidential information is securely deployed as a hardware appliance, or a more traditional client-based full exchanged. Whether your organization as a virtual appliance leveraging tunnel VPN access for executives. is a growing small-to-medium-sized

11 shared computing resources, or • Protect against email fraud and threats such as ransomware, zero- as software — including software targeted phishing attacks day threats, spear phishing and BEC, optimized for Microsoft Windows while meeting email compliance and • Get up-to-date security with server or Small Business Server. regulatory mandates. Get the same real-time threat intelligence SonicWall Email Security physical level of advanced email protection appliances are ideal for organizations • Secure your cloud email service with our hosted solution, which offers that need a dedicated on-premises (Office 365, G-Suite) feature parity with physical and virtual solution. Our multi-layered solution appliances. The solution also offers provides comprehensive inbound and • Enable email data loss prevention email continuity to ensure that emails outbound protection. It is available in and compliance are always delivered and productivity a range of hardware appliance options is not impacted during planned and • Easy management and reporting that scale up to 10,000 users per unplanned outages of on-prem email appliance. SonicWall Email Security • Flexible deployment options servers or a cloud provider such is also available as a virtual appliance as Office 365 and G suite. Administration of the Email Security or as a software application. This is solution is intuitive, quick and ideal for organizations that require SonicWall Hosted Email Security offers simple. You can safely delegate spam the flexibility and agility that come superior, cloud-based protection from management to end-users, while still with virtualization. The solution can be inbound and outbound threats, at an retaining ultimate control over security configured for high availability in split affordable, predictable and flexible enforcement. You can also easily mode, to centrally and reliably manage monthly or annual subscription price. manage user and group accounts with large-scale deployments. You can minimize upfront deployment seamless multi-LDAP synchronization. time and costs, as well as ongoing SonicWall email security solution uses administration expenses without The solution also provides easy technologies such as machine learning, compromising on security. integration for Office 365 and G suite to heuristics, reputation and content defend against advanced email threats. analysis, time-of-click URL protection, SonicWall offers VARs and MSPs a greater opportunity to compete and and sandboxing for attachments and For large, distributed environments, grow revenue while minimizing risk, URLs to deliver comprehensive inbound multi-tenancy support lets you overhead and ongoing costs. SonicWall and outbound protection. delegate sub-administrators to manage Hosted Email Security includes settings at multiple organizational The solution also includes powerful MSP-friendly features such as robust units (such as enterprise divisions or email authentication standards to stop multi-tenancy, central management MSP customers) within a single Email spoofing attacks and email fraud. These for multiple subscribers, Office 365 Security deployment. include Sender Policy Framework (SPF); integration, flexible purchase options Domain Keys Identified Mail (DKIM); and SonicWall Hosted Email and automated provisioning. Domain-based Message Authentication, Security service Reporting and Conformance (DMARC). Learn more about SonicWall Email Trust fast-to-deploy and easy-to- Security products at www.sonicwall. • Stop advanced threats before they administer hosted services to protect com/en-us/products/secure-email. reach your inbox your organization from email-borne

12 Management, Reporting and troubleshooting complexities; manage and provision your SonicWall and Analytics and federate all operational aspects network security operations. of the security infrastructure. SonicWall believes a connected These include centralized policy These operations include deploying and approach to security management management and enforcement, real- managing all firewall devices, device is fundamental to good preventative time event monitoring, granular data groups and tenants; synchronizing security practice. It also forms the analytics and reporting, audit trails, and enforcing consistent security basis for unified security governance, Zero-Touch Deployment, SD-WAN policies across your environments; compliance and risk management provisioning and more under a unified and monitoring everything from one strategy. With SonicWall management, enterprise platform. dynamic dashboard with detailed reporting and analytics solutions, reports and analytics. NSM enables you organizations get an integrated, GMS also meets the firewall change to do all this from a single user-friendly secured and extensible platform to management requirements of cloud-native console that can be establish a strong, uniform security organizations through an approval accessed from any location using any defense and response strategy across workflow automation. This intrinsic, browser-enabled device. their wired, wireless, endpoint, mobile automated process assures the and multi-cloud networks. The full correctness and the compliance of For service providers, NSM provides adoption of this common platform gives policy changes by enforcing a rigorous complete multi-tenant management organizations deep security insight to process for configuring, comparing, and independent policy control make informed security decisions and validating, reviewing and approving isolation across all managed tenants. move quickly to drive collaboration, security management policies before This separation encompasses all communication and knowledge across deployment. The approval groups NSM’s management features and the shared security framework. are flexible, enabling adherence to functions that dictate the firewall operation for each tenant. You can SonicWall Global Management System company security policies and assuring the right firewall policies are deployed construct every tenant to have its Deployable on-premises as software or at the right time and in conformance own set of users, groups and roles to a virtual appliance, the SonicWall Global to compliance regulations. conduct device group management, policy orchestration, and all other Management System (GMS) cohesively SonicWall Network Security manages network security operations Management administrative tasks within the by business processes and service boundary of the assigned tenant levels as opposed to a less efficient SonicWall Network Security Manager account. These open opportunities device-by-device siloed approach. (NSM) offers you everything you need for MSP/MSSPs to increase their GMS enables organizations of varying for a unified firewall management security services agility while sizes and types to consolidate system. It empowers you with tenant- reducing the operating expenses and the management of security level visibility, group-based device complexities of supporting a solely appliances; reduce administrative control and unlimited scale to centrally owned infrastructure.

¹ NSM SaaS includes reporting and analytics features. 2 NSM On-Prem requires a separate SonicWall Analytics On-Prem install and license for the reporting and analytics features.

13 SonicWall Wireless Network Manager Automatic firmware and security or risky user activities and behavior updates keep managed devices up to with greater visibility, accuracy and SonicWall Wireless Network Manager date. In case an Internet outage, access speed as they unfold in the discovery (WNM) globally integrates management points and switches can continue to process. This allows security teams of SonicWave Access Points and work without WNM, ensuring business to focus their valuable time and effort SonicWall Switches. As part of the continuity. on orchestrating rapid response and SonicWall Capture Security Center SonicWall Analytics remediation actions to those security ecosystem, it enables unified visibility risks that matter instead of reacting to and management across wired and SonicWall Analytics transforms data every event. wireless networks. into decisions and decisions into actions that solve security problems Moreover, weaving Analytics into the Cloud-based and user-friendly, and prevent them from reoccurring. business process helps operationalize WNM simplifies access, control and the analytics by automating real- troubleshooting on a single-pane-of- SonicWall Analytics is a powerful time, actionable alerts; orchestrating glass dashboard. Create single policies traffic monitoring and analysis service. security policies and controls in a at the tenant level and push them It provides an eagle-eye view into proactive and automated fashion; down to various locations and zones. everything that is happening inside and monitoring the results for Drill down on managed devices for the network security environment. security assurance. granular data. WNM is highly scalable, Its intelligence-driven analytic from a single site to global enterprise engine aggregates, normalizes and Learn more about SonicWall networks with tens of thousands of contextualizes security data, including management and reporting products managed devices. network traffic and user activities at www.sonicwall.com/en-us/ flowing through the firewall and productsfirewalls/management-and- Prior to access point deployment, a wireless access points. This gives reporting. wireless site survey can help ensure administrators direct line of sight into performance and productivity. The the threat intelligence of their networks WNM integrated WiFi Planner tool helps and users in near real time. strategically deploy access points to optimize WiFi user experience and Armed with deeper insightful analytics, avoid costly mistakes. organizations have the intelligence and capacity to easily find and SonicWave Access points and tackle security as well as operational SonicWall Switches use Zero-Touch issues quickly. SonicWall Analytics’ Deployment to onboard automatically drill-down capabilities let security in minutes using the SonicExpress teams investigate, analyze and take mobile app. Provisioning is easy and evidence-based decisive defense and can be done remotely, saving time corrective actions against suspicious and money.

14 Professional Services DSE will know and understand Conclusion and Support your environment, policies and Discover SonicWall security products IT objectives to bring you fast Achieve more from your SonicWall technical resolution when you Integrate your hardware, software and network security solution and get the need support. services for best-of-breed security. support you need, when you need Global Professional Services Learn more at www.sonicwall.com. it. With SonicWall enterprise support Learn about purchase and upgrade and professional services, you'll Need help determining the best options at www.sonicwall.com/how-to- gain superior long-term value from security solution for your business, as buy. And try out SonicWall solutions for your solution. well as setting it up within your existing yourself at www.sonicwall.com/trials. Global Support Services infrastructure? Let us take care of it. With Global Professional Services, Get convenient support to keep your you get a single point of contact for business humming along smoothly: all your deployment and integration needs. You'll receive services tailored Technical Support to your unique environment and • 8x5 – Monday through Friday, assistance with: 8 a.m. to 5 p.m. for non-critical environments. • Planning: Scoping and understanding your • 7x24 – Around the clock support, firewall requirements. including weekends and holidays, for business-critical environments. • Implementation/Deployment: Assessing and deploying Value Add Support your solution.

• Premier Support provides • Knowledge transfer: enterprise environments with Using, managing and maintaining a dedicated Technical Account your device. Manager (TAM). Your TAM acts on your behalf as a trusted advisor • Migration: who works with your staff to help Minimizing disruption and ensuring minimize unplanned downtime, business continuity. optimize IT processes, provide SonicWall enterprise services are operational reports to drive available with NSsp/NSa/TZ Series efficiencies and is your single point SMA/Email Security/GMS. of accountability for a seamless support experience. Learn more: https://support.software. • Dedicated Support Engineer com/essentials/support-offerings. (DSE) provides a named engineering resource to support your enterprise account. Your

15 © 2021 SonicWall Inc. ALL RIGHTS RESERVED. OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON- INFRINGEMENT. IN NO EVENT SHALL SonicWall is a trademark or registered trademark of SonicWall SONICWALL AND/OR ITS AFFILIATES BE LIABLE FOR Inc. and/or its affiliates in the U.S.A. and/or other countries. All ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, other trademarks and registered trademarks are property of SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT their respective owners. LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT The information in this document is provided in connection OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF with SonicWall Inc. and/or its affiliates’ products. No SONICWALL AND/OR ITS AFFILIATES HAVE BEEN ADVISED license, express or implied, by estoppel or otherwise, to any OF THE POSSIBILITY OF SUCH DAMAGES. SonicWall and/ intellectual property right is granted by this document or or its affiliates make no representations or warranties with in connection with the sale of SonicWall products. EXCEPT respect to the accuracy or completeness of the contents AS SET FORTH IN THE TERMS AND CONDITIONS AS of this document and reserves the right to make changes to SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, specifications and product descriptions at any time without SONICWALL AND/OR ITS AFFILIATES ASSUME NO LIABILITY notice. SonicWall Inc. and/or its affiliates do not make any WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED commitment to update the information contained in OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS this document. INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY

About SonicWall SonicWall delivers Boundless Cybersecurity for the hyper- distributed era and a work reality where everyone is remote, mobile and unsecure. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com

If you have any questions regarding your potential use of this material, contact: SonicWall Inc. 1033 McCarthy Boulevard Milpitas, CA 95035 Refer to our website for additional information. www.sonicwall.com

Brochure-SonicWallProductLines-March 2021-US-VG-4117