From small business to large enterprise, from home to the cloud, SonicWall next-generation firewalls provide the security, control and visibility you need to ensure effective cyber security. SonicWall's award-winning hardware and advanced technology resides inside every firewall, arming you against future threats. With solutions for networks of all sizes, SonicWall firewalls are designed to meet your specific security and usability needs, at a price that will save your budget and protect your network.
With the SonicWall TZ Series, you get rapid threat response in a flexible, integrated security solution. The TZ Series is specifically designed for small networks and distributed enterprises with remote and branch office locations.
The SonicWall TZ series of next generation firewalls (NGFW) is ideally suited for any organization that requires enterprise-grade network protection.
SonicWall TZ Series firewalls provide broad protection from compromise by combining advanced security services consisting of on-box and cloud-based anti-malware, anti-spyware, intrusion prevention system (IPS), and content/URL filtering. To counter the trend of encrypted attacks, the SonicWall TZ series has the ability and processing power to inspect SSL connections against the latest threats, providing an even higher level of security. Backed by the SonicWall Global Response Intelligent Defense (GRID) network, the SonicWall TZ series delivers continuous updates to maintain a strong network defense from cybercriminals. With full deep packet inspection operating at performance levels that match broadband connection speeds, the SonicWall TZ series is able to scan every byte of every packet on all ports and protocols with almost zero latency. This eliminates bottlenecks and allows organizations to use security as an enabler, not an inhibitor.
The SonicWall TZ series also features an integrated wireless access controller, 1-Gigabit Ethernet ports, and native VPN remote access clients for fast, secure mobile access. The SonicWall Global Management System (GMS) enables deployment and management of SonicWall TZ series firewalls from a single system at the central office.
- Reassembly-Free Deep Packet Inspection (RFDPI) engine
The RFDPI engine provides superior threat protection and application control without compromising performance. This patented engine inspects the traffic stream to detect threats at Layers 3-7. The RFDPI engine takes network streams through extensive and repeated normalization and decryption in order to neutralize advanced evasion techniques that seek to confuse detection engines and sneak malicious code into the network. Once a packet undergoes the necessary preprocessing, including SSL decryption, it is analyzed against a single proprietary memory representation of three signature databases: intrusion attacks, malware and applications. The connection state is then advanced to represent the position of the stream relative to these databases until it encounters a state of attack, or another "match" event, at which point a pre-set action is taken. As malware is identified, the SonicWall firewall terminates the connection before any compromise can be achieved and properly logs the event. However, the engine can also be configured for inspection only or, in the case of application detection, to provide Layer 7 bandwidth management services for the remainder of the application stream as soon as the application is identified.
- Extensible architecture for extreme scalability and performance
The RFDPI engine is designed from the ground up with an emphasis on providing security scanning at a high performance level, to match both the inherently parallel and ever-growing nature of network traffic. When combined with multi-core processor systems, this parallel-centric software architecture scales up perfectly to address the demands of deep packet inspection at high traffic loads. The SonicWall TZ Series platform relies on processors that, unlike x86, are optimized for packet, crypto and network processing while retaining flexibility and programmability in the field - a weak point for ASICs systems. This flexibility is essential when code and behavior updates are necessary to protect against attacks that require updated and more sophisticated detection techniques.