Specification Sheet
10
VIRTUAL PRIVATE NETWORKING
Feature Description
Auto-provision VPN
Simplies and reduces complex distributed rewall deployment down to a trivial effort by automating the initial
site-to-site VPN gateway provisioning between SonicWall rewalls while security and connectivity occurs
instantly and automatically.
IPSec VPN for site-to-site connectivity
High-performance IPSec VPN allows the TZ series to act as a VPN concentrator for thousands of other
large sites, branch ofces or home ofces.
SSL VPN or IPSec client remote access
Utilizes clientless SSL VPN technology or an easy-to-manage IPSec client for easy access to email, les,
computers, intranet sites and applications from a variety of platforms.
Redundant VPN gateway
When using multiple WANs, a primary and secondary VPN can be congured to allow seamless, automatic
failover and failback of all VPN sessions.
Route-based VPN
The ability to perform dynamic routing over VPN links ensures continuous uptime in the event of a
temporary VPN tunnel failure, by seamlessly re-routing trafc between endpoints through alternate routes.
CONTENT/CONTEXT AWARENESS
Feature Description
User activity tracking
User identication and activity are made available through seamless AD/LDAP/Citrix1/Terminal Services1
SSO integration combined with extensive information obtained through DPI.
GeoIP country trafc identication
Identies and controls network trafc going to or coming from specic countries to either protect against
attacks from known or suspected origins of threat activity, or to investigate suspicious trafc originating
from the network. Provides the ability to create custom country and Botnet lists to override an incorrect
country or Botnet tag associated with an IP address. Eliminates unwanted ltering of IP addresses due to
misclassication.
Regular expression DPI ltering
Prevents data leakage by identifying and controlling content crossing the network through regular
expression matching. Provides the ability to create custom country and Botnet lists to override an incorrect
country or Botnet tag associated with an IP address.
CAPTURE ADVANCE THREAT PROTECTION
Feature Description
Multi-engine sandboxing
The multi-engine sandbox platform, which includes virtualized sandboxing, full system emulation,
and hypervisor level analysis technology, executes suspicious code and analyzes behavior, providing
comprehensive visibility to malicious activity.
Real-Time Deep Memory Inspection
(RTDMI)
This patent-pending cloud-based technology detects and blocks malware that does not exhibit any
malicious behavior and hides its weaponry via encryption. By forcing malware to reveal its weaponry into
memory, the RTDMI engine proactively detects and blocks mass-market, zero-day threats and unknown
malware.
Block until verdict
To prevent potentially malicious les from entering the network, les sent to the cloud for analysis can be
held at the gateway until a verdict is determined.
Broad le type and size analysis
Supports analysis of a broad range of le types, either individually or as a group, including executable
programs (PE), DLL, PDFs, MS Ofce documents, archives, JAR, and APK plus multiple operating systems
including Windows, Android, Mac OS X and multi-browser environments.
Rapid deployment of signatures
When a le is identied as malicious, a signature is immediately deployed to rewalls with SonicWall Capture
ATP subscriptions and Gateway Anti-Virus and IPS signature databases and the URL, IP and domain
reputation databases within 48 hours.
Capture Client
Capture Client is a unied client platform that delivers multiple endpoint protection capabilities, including
advanced malware protection and support for visibility into encrypted trafc. It leverages layered protection
technologies, comprehensive reporting and endpoint protection enforcement.
ENCRYPTED THREAT PREVENTION
Feature Description
TLS/SSL decryption and inspection
Decrypts and inspects TLS/SSL encrypted trafc on the y, without proxying, for malware, intrusions and
data leakage, and applies application, URL and content control policies in order to protect against threats
hidden in encrypted trafc. Included with security subscriptions for all TZ series models except SOHO. Sold
as a separate license on SOHO.
SSH inspection
Deep packet inspection of SSH (DPI-SSH) decrypts and inspect data traversing over SSH tunnel to prevent
attacks that leverage SSH.
INTRUSION PREVENTION
Feature Description
Countermeasure-based protection
Tightly integrated intrusion prevention system (IPS) leverages signatures and other countermeasures
to scan packet payloads for vulnerabilities and exploits, covering a broad spectrum of attacks and
vulnerabilities.
Automatic signature updates
The SonicWall Threat Research Team continuously researches and deploys updates to an extensive list of
IPS countermeasures that covers more than 50 attack categories. The new updates take immediate effect
without any reboot or service interruption required.