Datasheet

ManualsBrandsSonicWALL ManualsNetworking01-SSC-7034

Network Security Appliance

onicWALL

ECLASS

Comprehensive, Integrated Best-of-Breed Threat Protection

Uniﬁ ed Threat Management Load Balancing

Single processor designs that include multiple protection technologies are severely limited by a single

centralized processor. SonicWALL UTM load balancing integrates a high-speed deep packet inspection and

traﬃ c classiﬁ cation engine onto multiple security cores inspecting applications, ﬁ les and content-based traﬃ c

in real time without signiﬁ cantly impacting performance or scalability. This enables the scanning and control of

threats for enterprise-class networks that carry bandwidth

intensive and latency sensitive applications .

Uniﬁ ed Threat Management Engine

The SonicWALL E-Class NSA UTM engine delivers the ﬁ rst scalable application layer inspection engine that

can analyze ﬁ les and content of any size in real time without reassembling packets or application content. This

means of inspection is designed speciﬁ cally for real-time applications and latency sensitive traﬃ c, delivering

complete control and inspection without having to proxy connections. Using this engine design, high-speed

network traﬃ c is inspected more eﬃ ciently and reliably for an improved end user experience.

E-Class Network Security Appliance Architecture

Trac In

Single-processor Core

Single-processor

Core

Inspection

Architecture

Trac Out

Inspection Performance

Trac In Trac Out

Multi-processor Core

with Deep Packet Inspection

Deep Packet Inspection Architecture

UTM Load Balancing

Firewall

Gateway Anti-Virus

Anti-Spyware

Intrusion Prevention

Content Filtering

Application Control

Clean VPN

Processor

Inspection Performance

SonicWALL ArchitectureCompetitive Architecture

Processor

Central-site Gateway

Deployed as a Central-site Gateway the NSA Series

provides a high-speed scalable platform, providing

network segmentation and security using VLAN’s and

security zones. Redundancy features include WAN Load

balancing, ISP fail-over and stateful high availability.

Layer 2 Bridge Mode

Layer 2 bridge mode provides inline intrusion

detection and prevention, adds an additional level

of zone-based security to network segments or

business units and simpliﬁ es layered security.

Additionally, this enables administrators to limit

access to sensitive data by speciﬁ c business unit or

database server.

Flexible, Customizable Deployment Options

Dual ISP Failover

Stateful High Availability

Finance

Marketing Engineering

HF Link

User Zone Administrative Servers

NSA Series as Central-site Gateway

NSA Series as In-line UTM Solution

Full L2-L7

Signature-based

inspection

application

awareness

Trac In

Packet Assembly-based Process

Trac Out

Proxy

SonicWALL ArchitectureCom

etitive Architecture

Scanning

When proxy becomes full

or content too large,

les bypass scanning

Packet

Disassembly

Trac In Trac Out

Packet Re-assembly-free Process

Re-assembly-free Packet Scanning

without proxy or content size limitations

Inspection Time Inspection Time Inspection Capactiy

Inspection

Capactiy