GAV, AS, IPS Service
SonicWALL Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, & Application Intelligence & Control Service
Intelligent real-time protection and application control
It is no longer sufficient to rely on outdated firewall technology that only looks at the port, protocol, source IP and destination IP to determine if a session from the outside should be allowed inside the network. Modern attackers have sophisticated tools at their disposal that allow them to insert viruses, Trojans and other harmful applications into seemingly benign traffic, such as web or email, rendering traditional stateful packet inspection firewall technology obsolete. Today’s firewalls need to have deep packet inspection to look for malware hidden within the data portion of the packet, as well as a comprehensive threat signature database to find malware, intrusions and application vulnerabilities.
The SonicWALL® Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, and Application Intelligence and Control Service delivers intelligent, real-time network security protection against sophisticated attacks. A patented innovation, SonicWALL Reassembly-Free Deep Packet Inspection® technology* delivers threat protection directly on any SonicWALL firewall. Additionally, with the proliferation of Web 2.0 and social networking technologies for both work and personal use, SonicWALL provides intelligence, control and visualization of network and application usage, with granular policies that can be created for both users and groups.
SonicWALL leverages a continuously expanding threat signature database, created and maintained by the SonicWALL SonicAlert team, which currently recognizes over 2,800 applications and detects millions of pieces of malware to protect the network automatically and seamlessly. SonicWALL firewalls are unique in their ability to handle unlimited file sizes and hundreds of thousands of concurrent downloads with near zero latency, providing ultimate scalability and performance for growing networks.
SonicWALL Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention and Application Intelligence and Control Service is available as a standalone one, two or three-year subscription service on all SonicWALL TZ, Network Security Appliance (NSA) and E-Class NSA Series appliances or it is included with either TotalSecure or Comprehensive Gateway Security Suite subscriptions.
Features and Benefits:
- Inspection across any port and protocol for either inbound or outbound traffic provides ultimate coverage against today’s threats even those using non-standard ports.
- Real-time gateway anti-virus scanning delivers intelligent file-based protection through a high- performance engine that scans for file-based Internet threats in real-time.
- Dynamic spyware protection blocks the installation of malicious spyware and disrupts background communications from existing spyware programs that transmit confidential data.
- Powerful intrusion prevention protects against a comprehensive array of network-based threats by scanning packet payloads for software vulnerabilities such as buffer overflows, peer-to-peer and instant messaging exploits, backdoor attacks, and other malware.
- Application intelligence and control provides granular control and real-time visualization of applications to guarantee bandwidth prioritization and ensure maximum network security and productivity.
- Dynamically updated signature database contains over 2,800 application and thousands of malware signatures capable of detecting millions of pieces of malware.
- Ultimate scalability and performance leverages the unique SonicWALL Reassembly-Free Deep Packet Inspection engine, which scans unlimited file sizes, and hundreds of thousands of concurrent downloads in real time.
- Powerful signatures developed by the SonicAlert teams are intelligent and flexible enough to be able to detect new variants of the already known malware, in many cases providing effective zero-day protection.
- Inter-zone scanning provides an additional layer of protection against malicious threats by allowing administrators to enforce intrusion prevention and anti-virus scanning not only between each network zone and the Internet, but also between internal network zones.
- Comprehensive logging and application traffic analytics of all intrusion attempts with the ability to filter logs based on priority level enables administrators to highlight high priority attacks, with granular reports based on attack source, destination and type of attack available through SonicWALL Analyzer, SonicWALL Scrutinizer or SonicWALL Global Management System (GMS®).
SonicWALL Deep Packet Inspection Architecture
- 1 High-performance engine scans for viruses, spyware, worms, Trojans and application exploits
- Continually updated database containing thousands of threat signatures
- Protection is extended to both wired and wireless networks
- Inter-zone scanning delivers protection not only between each network zone and the Internet, but also between internal network zones
- Protection for business communications including web browsing, e-mail use and file transfers
File Scanning Capabilities:
- Common protocols such as SMTP, POP3, IMAP, HTTP, FTP, NetBIOS and many others
- All protocols across every port, including SSL traffic with DPI SSL
- Dozens of stream-based protocols
- Instant Messaging and peer-to-peer file transfers
- Protection against malware, software vulnerabilities such as buffer overflows, as well as peer-peer-to-peer and instant messenger applications, backdoor exploits, and other malicious
- Visualization, classification and policy enforcement to help administrators control and manage both business and non-business related applications
- Able to scan an unlimited number of concurrent downloads of any file size
- Dynamically-updated database containing thousands of attack, vulnerability and high threat virus signatures
Logging and Application Traffic Analytics:
- Advanced next-generation syslog reporting for real-time logging and alerting
- Netflow/IPFIX with Extensions logging for additional network traffic detail and visualization
- Application traffic analytics through SonicWALL Analyzer, SonicWALL Scrutinizer or SonicWALL Global Management System
Supported Compression Formats:
- ZIP, Deflate and GZIP