Specification Sheet
11
INTRUSION PREVENTION CON'T
Feature Description
Intra-zone IPS protection
Bolsters internal security by segmenting the network into multiple security zones with intrusion prevention,
preventing threats from propagating across the zone boundaries.
Botnet command and control (CnC)
detection and blocking
Identies and blocks command and control trafc originating from bots on the local network to IPs and
domains that are identied as propagating malware or are known CnC points.
Protocol abuse/anomaly Identies and blocks attacks that abuse protocols in an attempt to sneak past the IPS.
Zero-day protection
Protects the network against zero-day attacks with constant updates against the latest exploit methods
and techniques that cover thousands of individual exploits.
Anti-evasion technology
Extensive stream normalization, decoding and other techniques ensure that threats do not enter the
network undetected by utilizing evasion techniques in Layers 2-7.
THREAT PREVENTION
Feature Description
Gateway anti-malware
The RFDPI engine scans all inbound, outbound and intra-zone trafc for viruses, Trojans, key loggers and
other malware in les of unlimited length and size across all ports and TCP streams.
Capture Cloud malware protection
A continuously updated database of tens of millions of threat signatures resides in the SonicWall cloud
servers and is referenced to augment the capabilities of the onboard signature database, providing RFDPI
with extensive coverage of threats.
Around-the-clock security updates
New threat updates are automatically pushed to rewalls in the eld with active security services, and take
effect immediately without reboots or interruptions.
Bi-directional raw TCP inspection
The RFDPI engine is capable of scanning raw TCP streams on any port bi-directionally preventing attacks
that they to sneak by outdated security systems that focus on securing a few well-known ports.
Extensive protocol support
Identies common protocols such as HTTP/S, FTP, SMTP, SMBv1/v2 and others, which do not send data in raw
TCP, and decodes payloads for malware inspection, even if they do not run on standard, well-known ports.
APPLICATION INTELLIGENCE AND CONTROL
Feature Description
Application control
Control applications, or individual application features, that are identied by the RFDPI engine against a
continuously expanding database of over thousands of application signatures, to increase network security
and enhance network productivity.
Custom application identication
Control custom applications by creating signatures based on specic parameters or patterns unique to an
application in its network communications, in order to gain further control over the network.
Application bandwidth management
Granularly allocate and regulate available bandwidth for critical applications or application categories while
inhibiting nonessential application trafc.
Granular control
Control applications, or specic components of an application, based on schedules, user groups, exclusion
lists and a range of actions with full SSO user identication through LDAP/AD/Terminal Services/Citrix
integration.
CONTENT FILTERING
Feature Description
Inside/outside content ltering
Enforce acceptable use policies and block access to HTTP/HTTPS websites containing information or
images that are objectionable or unproductive with Content Filtering Service and Content Filtering Client.
Enforced Content Filtering Client
Extend policy enforcement to block internet content for Windows, Mac OS, Android and Chrome devices
located outside the rewall perimeter.
Granular controls
Block content using the predened categories or any combination of categories. Filtering can be scheduled
by time of day, such as during school or business hours, and applied to individual users or groups.
Web caching
URL ratings are cached locally on the SonicWall rewall so that the response time for subsequent access to
frequently visited sites is only a fraction of a second.
ENFORCED ANTI-VIRUS AND ANTI-SPYWARE
Feature Description
Multi-layered protection
Utilize the rewall capabilities as the rst layer of defense at the perimeter, coupled with endpoint
protection to block, viruses entering network through laptops, thumb drives and other unprotected systems.
Automated enforcement option
Ensure every computer accessing the network has the appropriate antivirus software and/or DPI-
SSL certicate installed and active, eliminating the costs commonly associated with desktop antivirus
management.
Automated deployment and
installation option
Machine-by-machine deployment and installation of antivirus and anti-spyware clients is automatic across
the network, minimizing administrative overhead.
Next-generation antivirus
Capture Client uses a static articial intelligence (AI) engine to determine threats before they can execute
and roll back to a previous uninfected state.
Spyware protection
Powerful spyware protection scans and blocks the installation of a comprehensive array of spyware programs
on desktops and laptops before they transmit condential data, providing greater desktop security and
performance.