Description
The Dell SonicWALL TZ series of next generation firewalls (NGFW) is ideally suited for any organization that requires enterprise-grade network protection.
SonicWALL TZ Series firewalls provide broad protection from compromise by combining advanced security services consisting of on-box and cloud-based anti-malware, anti-spyware, intrusion prevention system (IPS), and content/URL filtering. To counter the trend of encrypted attacks, the SonicWALL TZ series has the ability and processing power to inspect SSL connections against the latest threats, providing an even higher level of security. Backed by the Dell SonicWALL Global Response Intelligent Defense (GRID) network, the SonicWALL TZ series delivers continuous updates to maintain a strong network defense from cybercriminals. With full deep packet inspection operating at performance levels that match broadband connection speeds, the SonicWALL TZ series is able to scan every byte of every packet on all ports and protocols with almost zero latency. This eliminates bottlenecks and allows organizations to use security as an enabler, not an inhibitor.
The SonicWALL TZ series also features an integrated wireless access controller, 1-Gigabit Ethernet ports, and native VPN remote access clients for fast, secure mobile access. The Dell SonicWALL Global Management System (GMS) enables deployment and management of SonicWALL TZ series firewalls from a single system at the central office.
-
Reassembly-Free Deep Packet Inspection (RFDPI) engine
The RFDPI engine provides superior threat protection and application control without compromising performance. This patented engine inspects the traffic stream to detect threats at Layers 3-7. The RFDPI engine takes network streams through extensive and repeated normalization and decryption in order to neutralize advanced evasion techniques that seek to confuse detection engines and sneak malicious code into the network. Once a packet undergoes the necessary preprocessing, including SSL decryption, it is analyzed against a single proprietary memory representation of three signature databases: intrusion attacks, malware and applications. The connection state is then advanced to represent the position of the stream relative to these databases until it encounters a state of attack, or another "match" event, at which point a pre-set action is taken. As malware is identified, the SonicWall firewall terminates the connection before any compromise can be achieved and properly logs the event. However, the engine can also be configured for inspection only or, in the case of application detection, to provide Layer 7 bandwidth management services for the remainder of the application stream as soon as the application is identified. -
Extensible architecture for extreme scalability and performance
The RFDPI engine is designed from the ground up with an emphasis on providing security scanning at a high performance level, to match both the inherently parallel and ever-growing nature of network traffic. When combined with multi-core processor systems, this parallel-centric software architecture scales up perfectly to address the demands of deep packet inspection at high traffic loads. The SonicWall TZ Series platform relies on processors that, unlike x86, are optimized for packet, crypto and network processing while retaining flexibility and programmability in the field - a weak point for ASICs systems. This flexibility is essential when code and behavior updates are necessary to protect against attacks that require updated and more sophisticated detection techniques.
Specifications
Summary
- Product Description
- SonicWall TZ600 - security appliance
- Device Type
- Security appliance
- Form Factor
- External
- Data Link Protocol
- Ethernet, Fast Ethernet, Gigabit Ethernet
- Performance
- Firewall throughput: 1.9 Gbps , Application throughput: 1.8 Gbps , IPS throughput: 1.2 Gbps , Anti-malware throughput: 800 Mbps , TLS/SSL inspection and decryption throughput: 300 Mbps , VPN throughput (IPSec): 1.1 Gbps , Connection rate: 12000 connections per second , Threat prevention throughput: 800 Mbps
- Capacity
- Virtual interfaces (VLANs): 50 , SSL VPN licences: 2 (maximum 200) , VPN tunnels (site-to-site): 50 , IPSec VPN clients: 2 (maximum 25) , SPI connections: 150000 , DPI connections: 125000 , Authenticated users (internal database): 250 , Single Sign-On (SSO) users: 500 , Manageable access points: 24 , DPI SSL connections: 25000
- VoIP Protocols
- SIP, H.323 v3, H.323 v4, H.323 v1, H.323 v2, H.323 v5
- Power
- AC 100-240 V (50/60 Hz)
- Dimensions (WxDxH)
- 28 cm x 8 cm x 3.5 cm
- Weight
- 1.47 kg
Detailed Specification
General
- Device Type
- Security appliance
- Width
- 28 cm
- Depth
- 8 cm
- Height
- 3.5 cm
- Weight
- 1.47 kg
Networking
- Form Factor
- External
- Connectivity Technology
- Wired
- Data Link Protocol
- Ethernet, Fast Ethernet, Gigabit Ethernet
- Network / Transport Protocol
- TCP/IP, PPTP, UDP/IP, L2TP, ICMP/IP, IPSec, PPPoE, DHCP
- Routing Protocol
- OSPF, RIP-1, RIP-2, BGP, static IP routing, policy-based routing (PBR)
- Remote Management Protocol
- SNMP 2, SNMP 3, HTTP, HTTPS, CLI
- Performance
- Firewall throughput: 1.9 Gbps , Application throughput: 1.8 Gbps , IPS throughput: 1.2 Gbps , Anti-malware throughput: 800 Mbps , TLS/SSL inspection and decryption throughput: 300 Mbps , VPN throughput (IPSec): 1.1 Gbps , Connection rate: 12000 connections per second , Threat prevention throughput: 800 Mbps
- Capacity
- Virtual interfaces (VLANs): 50 , SSL VPN licences: 2 (maximum 200) , VPN tunnels (site-to-site): 50 , IPSec VPN clients: 2 (maximum 25) , SPI connections: 150000 , DPI connections: 125000 , Authenticated users (internal database): 250 , Single Sign-On (SSO) users: 500 , Manageable access points: 24 , DPI SSL connections: 25000
- Features
- Firewall protection, VPN support, PAT support, VLAN support, Stateful Packet Inspection (SPI), DoS attack prevention, content filtering, port mirroring, IPv6 support, antivirus analysis, Intrusion Prevention System (IPS), URL filtering, Deep Packet Inspection (DPI), DDos attack prevention, Wi-Fi Multimedia (WMM) support, anti-spam protection, anti-malware protection, Quality of Service (QoS), Dead Peer Detection (DPD), IPSec NAT-Traversal (NAT-T), DHCP server, bandwidth control, Common Access Card (CAC) reader support, anti-spyware protection, DHCP relay, 3G/4G USB Dongle Support, NetFlow, DiffServ Code Point (DSCP) support, Single Sign-On (SSO) support, anti-virus protection, keyword filtering
- Encryption Algorithm
- DES, Triple DES, MD5, SHA-1, 128-bit AES, 192-bit AES, 256-bit AES
- Authentication Method
- RADIUS, LDAP, internal user database, Active Directory, XAUTH authentication
IP Telephony
- VoIP Protocols
- SIP, H.323 v3, H.323 v4, H.323 v1, H.323 v2, H.323 v5
Expansion / Connectivity
- Expansion Slots
- 1 (total) / 1 (free) x expansion slot
- Interfaces
- 9 x 1000Base-T - RJ-45 , 1 x 1000Base-T - RJ-45 (WAN) , 2 x USB 3.0 - Type A , 1 x console - RJ-45
Miscellaneous
- MTBF
- 18.4 years
- Compliant Standards
- FCC Class A certified, UL, TUV GS, C-Tick, BSMI, ICSA Firewall certified, cUL, ICSA Antivirus, CB, FIPS 140-2 Level 2, EMC, RoHS, WEEE, ANATEL, GOST-R, REACH, ICES Class A, KCC Class A, VPNC certified, LVD, IPv6 Ready, VCCI Class A, MSIP, CoC, UC APL
Power
- Power Device
- External power adapter
- Voltage Required
- AC 100-240 V (50/60 Hz)
- Power Consumption Operational
- 16.17 Watt
- Power Provided
- 60 Watt
Software / System Requirements
- OS Provided
- SonicOS 6.x
Environmental Parameters
- Min Operating Temperature
- 0 °C
- Max Operating Temperature
- 40 °C
- Humidity Range Operating
- 5 - 95% (non-condensing)
