Datasheet
Reassembly-Free Deep Packet
Inspection engine
The Dell SonicWALL Reassembly-Free
Deep Packet Inspection (RFDPI) engine
provides superior threat protection
and application control without
compromising performance. It relies on
streaming trac payload inspection to
detect threats at Layers 3-7, and takes
network streams through extensive and
repeated normalization and decryption
in order to neutralize advanced evasion
techniques that seek to confuse
detection engines and sneak malicious
code into the network.
Once a packet undergoes the necessary
pre-processing, including SSL
decryption, it is analyzed against a single,
proprietary memory representation of
three signature databases: intrusion
attacks, malware and applications. The
connection state is then advanced to
represent the position of the stream
relative to these databases until it
encounters a state of attack, or other
“match” event, at which point a pre-set
action is taken.
In most cases, the connection is
terminated and proper logging and
notification events are created.
However, the engine can also be
configured for inspection only or, in
case of application detection, to provide
Layer 7 bandwidth management services
for the remainder of the application
stream as soon as the application is
identified.
Trac in
Packet assembly-based process
Trac out
Proxy
Dell SonicWALL architectureCompetitive architecture
Scanning
When proxy becomes full
or content too large,
files bypass scanning
Packet
disassembly
Trac in Traffic out
Packet reassembly-free process
Reassembly-free packet scanning
without proxy or content size limitations
Inspection time Inspection time
Inspection
capacity
Inspection
capacity
Dual ISP failover Multi-WAN
redundancy
Stateful high availability
HF link
HA data link
User zone Administrative Servers
NSA Series as central-site gateway
NSA Series as in-line NGFW solution
Full L2-L7
signature-based
inspection
application
awareness
Flexible, customizable deployment
options–NSA Series at-a-glance
Every Dell SonicWALL NSA appliance
utilizes a breakthrough, multi-core
hardware design and Reassembly-Free
Deep Packet Inspection for internal and
external network protection without
compromising network performance.
The NSA Series NGFWs combine
high-speed intrusion prevention; file and
content inspection; and powerful
application intelligence and control with
an extensive array of advanced
networking and flexible configuration
features. The NSA Series oers an
aordable platform that is easy to
deploy and manage in a wide variety
of large, branch oce and distributed
network environments.
6