Professional Documents
Culture Documents
NETWORK SECURITY
The SonicWALL SuperMassive E10000 Series is SonicWALLs Next-Generation Firewall platform designed for large networks to deliver scalability, reliability and deep security at multi-gigabit speeds. Built to meet the needs of enterprise, government, university, and service provider deployments, the SuperMassive E10000 Series is ideal for securing enterprise networks, data centers and server farms. Combining its massively multi-core architecture and SonicWALLs patented* Reassembly-Free Deep Packet Inspection (RFDPI) technology, the SuperMassive E10000 Series delivers industry-leading application control, intrusion prevention, malware protection and SSL inspection at multi-gigabit speeds. The SonicWALL E10000 Series is designed with power, space, and cooling (PSC) in mind, providing the leading Gbps/Watt in the industry for application control and threat prevention. SonicWALLs Reassembly-Free Deep Packet Inspection engine scans every byte of every packet delivering full content inspection of the entire stream while providing high performance and low latency. This technology is superior to outdated proxy designs that reassemble content using sockets bolted to anti-malware programs that are plagued with inefficiencies and overhead of socket memory thrashing that leads to high latency, low performance and file size limitations. The RFDPI engine delivers full content inspection to eliminate threats before they enter the network and provides protection against millions of unique malware variants without file size, performance or latency limitations. The RFDPI engine also provides full inspection of SSL-encrypted traffic as well as non-proxyable applications enabling complete protection regardless of transport or protocol. Intuitive AppFlow Visualization allows for the identification of productive and unproductive application traffic in real time which can then be controlled through powerful application-level policies. Application control can be exercised on both a per-user and per-group basis, along with schedules and exception lists. All application, intrusion prevention, and malware signatures are constantly updated by SonicWALLs Research Team. Additionally, SonicWALLs advanced operating system, SonicOS, provides integrated tools that allow for custom application identification and control. The design provides near-linear performance increases and scales up to 96 cores of processing power to deliver 40+ Gbps of Firewall throughput, 30+ Gbps of Application Inspection, 30+ Gbps of Intrusion Prevention, and 10+ Gbps of Anti-Malware protection. Consisting of the E10100, E10200, E10400 and E10800, the SuperMassive E10000 Series is field upgradeable, futureproofing the security infrastructure investment as network bandwidth and security requirements increase.
* U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,361
Massively Scalable Multicore Architecture Designed for 10/40 Gbps Infrastructure Superior Granular Application Intelligence, Control and Visualization Complete Threat Protection Including High Performance Intrusion Prevention and Low Latency Malware Protection Full Inspection of SSL Encrypted Traffic Without Overhead, Latency, and Memory Thrashing Associated with Socket Based SSL Proxies
The SonicWALL SuperMassive chassis includes 6 x 10-GbE SFP+ and 16 x 1-GbE SFP ports, redundant 850W AC power supplies, hot swappable dual redundant fan modules, and massively scales up to 96 processing cores.
Capability Processing Cores Firewall Throughput Application Intelligence Throughput IPS Throughput Anti-Malware Throughput Maximum Connections Upgrade Path
E10100 12 (+12 Integrated HA Mode) 5.0 Gbps 4.0 Gbps 4.0 Gbps 2.0 Gbps 1.5M Upgradeable to the E10200
E10200 24 10 Gbps 7.5 Gbps 7.5 Gbps 3.0 Gbps 3.0M Upgradeable to the E10400
E10400 48 20 Gbps 15 Gbps 15 Gbps 6.0 Gbps 6.0M Upgradeable to the E10800
80 GB SSD Drive
LCD Display
LCD Controls
Console Port
Future Use
Scalable Performance with a Multi-Core Architecture The SonicWALL SuperMassive E10000 Series is built with a focus on high performance, scalability and high availability, providing large enterprises a platform to address their most demanding security needs. This combination of scalability and performance is a result of a powerful and massively scalable multi-core architecture paired with SonicWALLs proprietary Reassembly-Free Deep Packet Inspection engine that can scale linearly to any number of processing cores. Environments that see their network security needs grow with time can upgrade their system to increase the available performance of their SuperMassive platform.
Engineered for High Performance The SuperMassive E10000 Series is engineered to deliver ultra low latency Deep Packet Inspection that large enterprises demand. The SuperMassive fabric interconnect provides 240 GbE of nonblocking bandwidth with less than 1 s latency for unhindered communication between the 96 processing cores and the 6 x 10-GbE SFP+ and the 16 x 1-GbE SFP ports.
240 GbE SM Interconnect 16 x 1 GbE SFP
6 x 10 GbE SFP+
96 Cores
Intelligent Design for Superior DPI Throughput While stateful packet inspection is still necessary, it alone is insufficient to protect against todays application and contentborne threats. Full deep packet inspection capabilities like application control, intrusion prevention and anti-malware provide a significantly increased level of security and network control, but must do so without diminishing network performance. SonicWALLs patented* RFDPI engine provides a highly-efficient single-pass design that consolidates all security features into a unified scanning and policy engine, enabling the platform to deliver industry-leading deep packet inspection performance.
* U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,361
Application Control Application Bandwidth Management Custom Application Identification AppFlow Visualization
Identify and control applications or individual components of an application based on RFDPI technology instead of relying on well known ports and protocols. Allocate bandwidth to critical applications while throttling unproductive application traffic for an efficient and productive network. Create and configure custom application identification based on traffic parameters or on patterns unique to an application in its network communications. Advanced visualization along with comprehensive statistics provide administrators with a clear view into exactly what applications and application components are in use on the network and by whom in real time. A continuously expanding database of over 3,500 application signatures ensures that administrators are able to control the usage of all the latest applications on their network at a category or individual level. Export application usage data through IPFIX or through Netflow protocols for third-party monitoring and reporting of network data and application usage data. SSL traffic is decrypted and inspected for malware and intrusions by the Reassembly-Free Deep Packet Inspection engine in addition to applying application, URL, and content control policies on potentially evasive traffic. User identification is seamlessly integrated with Microsoft Active Directory and other authentication systems enabling tracking and reporting of individual user identification. Identify and control network traffic going to or coming from specific countries.
User Activity Tracking GeoIP Country Traffic Identification Gateway Threat Prevention Gateway Anti-Malware
SonicWALLs proprietary RFDPI engine scans all ports and protocols for viruses without file size or stream length limitation. SonicLabs Researchers constantly provide updated threat protection, providing faster response times and threat prevention. Reassembly-Free Deep Packet Inspection keeps track of malware regardless of the order or the timing with which the packets arrive, allowing for extreme low latency while eliminating file size and stream size limitation, and providing greater performance and security than outdated proxy designs that reassemble content using sockets bolted to traditional anti-virus programs that are plagued with inefficiencies and overhead of socket memory thrashing that leads to high latency, low performance and file size limitations. In addition to utilizing the on-board database, the RFDPI engine also consults with the SonicWALL Cloud Services for additional information on over four million malware signatures and growing. RFDPI can be performed on both inbound and outbound connections to provide protection in all network traffic directions. SonicLabs Research Team team creates and updates signature databases that are propagated automatically to the firewalls in the field, with those signatures taking immediate effect without any reboot or service interruption required.
Intrusion Prevention
Feature Description
Tightly integrated, signature-based intrusion prevention scans packet payloads for vulnerabilities and exploits that target critical internal systems. SonicWALLs Research Team continuously updates and deploys an extensive list of over 5,400 IPS signatures covering 52 attack categories. These signatures take immediate effect and do not require reboots or any other interruption in service. The ability to inspect both inbound and outbound traffic ensures that the network will not unwittingly be used in Distributed Denial of Service attacks and will prevent any Command and Control Botnet communication. Intrusion prevention can be deployed between internal security zones to protect sensitive servers and to prevent internal attacks.
VPN IPSec VPN for Site-to-site Connectivity SSL VPN or IPSec Client Remote Access Redundant VPN Gateway Route-based VPN High-performance IPSec VPN allows the SuperMassive E10000 Series to act as a VPN concentrator for thousands of other large sites, branch offices or home offices. Utilize clientless SSL VPN technology or an easy-to-manage IPSec client for easy access to email, files, computers, intranet sites and applications from a variety of platforms. When using multiple WANs, a primary and secondary VPN can be configured to allow seamless automatic failover and failback of all VPN sessions. The ability to perform dynamic routing over VPN links ensures continuous uptime in the event of a temporary VPN tunnel failure by seamlessly re-routing traffic between endpoints through alternate routes.
VoIP Advanced QoS DPI of VoIP Traffic H.323 Gatekeeper and SIP Proxy Support Guarantee critical communications with 802.1p and DSCP tagging and remapping of VoIP traffic on the network. Predefined signatures detect and block VoIP specific threats. Block spam calls by requiring that all incoming calls are authorized and authenticated by H.323 gatekeeper or SIP proxy.
Firewall and Networking Stateful Packet Inspection DOS Attack Protection Flexible Deployment Policy-based Routing All network traffic is inspected, analyzed and brought into compliance with firewall access policies. SYN Flood protection provides defense against DOS attacks using both layer 3 SYN proxy and layer 2 SYN blacklisting technologies. Can be deployed in traditional NAT, Layer 2 Bridge, Wire Mode and Network Tap modes. Create routes based on protocol to direct traffic to a preferred WAN connection with the ability to fail back to a secondary WAN in the event of an outage.
High Availability
Supports Stateful Active/Passive, Active/Active DPI and Active/Active Clustering failover to ensure not only increased reliability by protecting against hardware or software faults, but also an increase in performance through Reassembly-Free Deep Packet Inspection workload offloading to the cores available on stand-by units. Load balance up to four WAN interfaces using Round Robin, Spillover or Percentage based methods.
Management and Monitoring Web GUI SNMP Netflow/IPFIX An intuitive Web-based interface allows quick and convenient configuration in addition to management through SonicWALL Global Management System or the CLI. SNMP provides the ability to protectively monitor and respond to threats and alerts. Export an extended set of data through IPFIX or through Netflow protocols for third-party monitoring and reporting of network data and application usage data correlated with factors such as user identification and others. With SonicWALL Global Management System (GMS), monitor, configure and report on multiple SonicWALL appliances from a single intuitive interface and customize your security environment to suit your individual policies.
SonicOS Feature Summary Firewall n Reassembly-Free Deep Packet Inspection n Deep Packet Inspection for SSL n Stateful Packet Inspection n DOS Attack Protection n TCP Reassembly n Stealth Mode Application Control n Application Control n Application Component Blocking n Application Bandwidth Management n Custom Application Signature Creation n AppFlow Visualization n Data Leakage Prevention n IPFIX with Extensions Reporting n User Activity Tracking n GeoIP Country Traffic Identification n Comprehensive Application Signature Database Intrusion Prevention n Signature-based Scanning n Automatic Signature Updates n Outbound Threat Prevention n IPS Exclusion List n Hyperlinked Log Messages n Unified CFS and App Control with Bandwidth Throttling Anti-Malware n Stream-based Malware Scanning n Gateway Anti-Virus n Gateway Anti-Spyware n SSL Decryption n Anti-Spam n Bi-directional Inspection n No File Size Limitation VPN n IPSec VPN for Site-to-site Connectivity n SSL VPN or IPSec Client Remote Access n Redundant VPN Gateway n Route-based VPN Web Content Filtering n URL Filtering n Anti-proxy Technology n Keyword Blocking n Bandwidth Manage CFS Rating Categories n Unified Policy Model with App Control VoIP n Advanced QoS n Bandwidth Management n DPI of VoIP Traffic n Full Interoperability n H.323 Gatekeeper and SIP Proxy Support Networking n Dynamic Routing n Policy-based Routing Advanced NAT DHCP Server n Bandwidth Management n IPv6 n Link Aggregation n Port Redundancy n High Availability n Load Balancing
n n
Management and Monitoring n Web GUI n Command Line Interface n SNMP n ViewPoint Reporting n Logging n Netflow/IPFIX n App Visualization n LCD Management Screen n Centralized Policy Management n Single Sign-On n Terminal Service/Citrix Support n Solera Networks Forensics Integration Security Services n Intrusion Prevention Service n Gateway Anti-Malware Service n Content Filtering Service n Enforced Client Anti-Virus and Anti-Spyware Service n Application Intelligence, Control and Visualization Service
System Specifications
E10100
E10200 SonicOS 24 6 x 10-GbE SFP+ 16 x 1-GbE SFP 1 GbE, 1 Console 16 GB 80 GB SSD, Flash 10 Gbps 7.5 Gbps 7.5 Gbps 3.0 Gbps 5.0 Gbps 160,000/sec 3.0M 2.5M
E10400 48
E10800 96
Operating System Cores 12 (+ 12 HA) 10 GbE Interfaces 1 GbE Interfaces Management Interfaces Memory (RAM) 8 GB Storage Firewall Inspection Throughput 5.0 Gbps Application Inspection Throughput 4.0 Gbps IPS Throughput 4.0 Gbps Anti-Malware Inspection Throughput 2.0 Gbps VPN Throughput 2.5 Gbps Connections per second 80,000/sec Maximum Connections (SPI) 1.5M Maximum Connections (DPI) 1.2M VPN Site-to-site Tunnels IPSec VPN Clients SSL VPN Licenses Encryption Authentication Key Exchange Route-based VPN Networking IP Address Assignment NAT Modes VLAN Interfaces Routing Protocols QoS Authentication IPv6 VoIP Standards Certifications Pending Common Access Card (CAC) Support Hardware Power Supply Fans Display Input Power Maximum Power Consumption (W) Form Factor Dimensions Weight WEEE Weight Shipping Weight Major Regulatory Environment Humidity 10,000 2,000 20 (1,000)*
64 GB 40 Gbps 30 Gbps 30 Gbps 12 Gbps 20 Gbps 640,000/sec 12.0M 10.0M 10,000 (80,000)* 2,000 (16,000)* 50 (8,000)*
10,000 (20,000)* 10,000 (40,000)* 2,000 (4,000)* 2,000 (8,000)* 50 (2,000)* 50 (4,000)* DES, 3DES, AES (128, 192, 256-bit) MD5, SHA-1 Diffie Hellman Groups 1, 2, 5, 14 RIP, OSPF
Static (DHCP PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP Relay 1:1, many:1, 1:many, flexible NAT (overlapping IPS), PAT, transparent mode 512 BGP*, OSPF, RIPv1/v2, static routes, policy-based routing, multicast Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, terminal services, Citrix IPv6 RFDPI, firewall, VPN, NAT; Dual stack IPv4/IPv6; IPv6 to/from IPv4 translations; ICMPv6; DHCPv6; DNSv6 Full H323-v1-5, SIP TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3 FIPS 140-2, Common Criteria EAL4+, NEBS, ICSA Firewall Pending Dual, Redundant, Hot Swappable, 850 W Dual, Redundant, Hot Swappable Front LED Display 100-240 VAC, 60-50 Hz 400 550
350
750
4U Rack Mountable 17x18x7 in (43x43.5x17.8 cm) 58 lb (26.3 kg) 58 lb (26.3 kg) 61 lb (27.7 kg) 67 lb (30.3 k 59 lb (26.8 kg) 59 lb (26.8 kg) 62 lb (28.1 kg) 68 lb (30.8 kg) 79 lb (35.8 kg) 79 lb (35.8 kg) 82 lb (37.2 kg) 88 lb (39.9 kg) FCC Class A, CE, C-Tick, VCCI, Compliance MIC, UL, cUL, TUV/GS, CB, NOM, RoHS, WEEE 40-105 F, 5-40 deg C 10-90% non-condensing
*Available with expanded license. All specifications, features and availability are subject to change.
SonicWALLs line-up of dynamic security solutions SonicWALL, Inc. 2001 Logic Drive, San Jose, CA 95124 T +1 408.745.9600 F +1 408.745.9300 www.sonicwall.com
NETWORK SECURITY
2011 SonicWALL and the SonicWALL logo is registered trademarks of SonicWALL, Inc. Dynamic Security For The Global Network is a trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions subject to change without notice. 02/11 SW 1121 v23