360 likes | 644 Views
SonicWALL. TZ 170 Series Product Overview Presentation August 10, 2004. The Changing Business Environment. Businesses increasingly rely on Internet connectivity for mission-critical communications Branch office business data Retail/point-of-sale transactions
E N D
SonicWALL TZ 170 Series Product Overview Presentation August 10, 2004
The Changing Business Environment • Businesses increasingly rely on Internet connectivity for mission-critical communications • Branch office business data • Retail/point-of-sale transactions • Wireless technologies are becoming common in Retail/POS environments • Handheld barcode scanners for inventory management • Retail stations with sales capabilities throughout the store All data communication must be secure Internet connection must be reliable
Introducing the SonicWALL TZ 170 Series • New TZ 170 Series products include: • TZ 170 • TZ 170 Wireless New! • TZ 170 SP New! • TZ 170 SP Wireless Coming Soon! • Total security platformfor home office, small office, branch office and retail networks • Integrated Secure Wireless LAN* • Integrated analog modem for automated failover/failback** • Support for up to two SonicPoint satellite access points • Bundled services: 30 days of Intrusion Prevention Service, Content Filtering Service and Network Anti-Virus *TZ Wireless Models **SP Models
General Features • Deep packet inspection firewall provides complete protection from today’s threats • Intrusion Prevention Service on both the wired and wireless LANs • Integrated 5-port auto-MDIX switchallows multiple computers to network together • Optional Portcan be configured as a second LAN, a second WAN, a DMZ or a WLAN • WAN-WAN Failover and Load Balancingmaximizes network uptime • System-On-a-Chiptechnology delivers 90 Mbps firewall and 30+ Mbps VPN throughput • Comprehensive Central Management support using SonicWALL’s Global Management System
Key Security Differentiation • High performance deep packet inspection engine • Dynamically updated signature database with Intrusion Prevention Service (varies by region, starts at $245/yr US List) The TZ 170 Series’ dynamic deep packet inspection firewall addresses the new breed of application attacks, worms and trojans
TZ 170 Wireless • Integrated 802.11g Access Point • Ships with SonicOS Standard • SonicOS Enhanced Upgrade available late Q3 • Available in 25 and Unrestricted node models • Technical Specs • High powered 802.11b/g radio • 802.3af Power over Ethernet (one dedicated port) • 2 External Diversity Dipole Antennas • (2) 10/100 Ethernet Interfaces (OPT&WAN) • (1) 5-port 10/100 auto-MDIX Switch (LAN) • 64 MB RAM/8 MB Flash • 90 Mbps Stateful Packet Inspection • 30+ Mbps 3DES/AES VPN
TZ 170 Series Wireless Features • Impenetrable Wireless Security with enforced IPSec encryption on the wireless LAN • WPA and future-802.11i WLAN Security with either 802.1x or PSK user authentication • Wireless firewalling provides granular control over wireless client communications • Wireless Intrusion Detection Services (WIDS) protects wireless networks from wireless security threats and rogue access points • Wireless Guest Services (WGS) provides customers, partners and guests with wireless Internet-only access • Distributed WLAN support for seamless management of up to two SonicPoint satellite access points • PoE Support supports the 802.3af Power over Ethernet standard for location anywhere
Wireless Refresher • What is WPA? • Wi-FiProtected Access • Series of fixes for WEP • TKIP - Encryption key creation and rotation • 802.1x or Pre-shared Key (PSK) for user authentication • PSK: authenticate by entering a Pre-Shared Key or pass phrase • 802.1x: authenticate by means of a RADIUS Server through the wireless AP • NOT equivalent to the level of security achieved with WiFiSec or AES based 802.11i • What are the limitations of WPA? • Requires that both the AP and wireless NIC support WPA • No support for mixed WPA and WiFiSec traffic • WPA using PSK is highly prone to dictionary attacks • 802.11i will replace WPA in 2005 While we support WPA, we still recommend WiFiSec for ease-of-use and security
802.11i (aka WPA2) • 802.11i adds AES encryption (and more) to WPA • Resistant to all currently known techniques of cryptanalysis • 802.11i implementation timeline • Ratified in June 2004 • Wireless switch vendors will design to the new spec • Chipset updates and drivers are expected later this quarter • Initial products will most likely be hitting the market in Q404 or Q105 SonicWALL is evaluating 802.11i for the TZ 170 Series, more info to follow…
SonicWALL TZ 170 SP • Integrated v.92 analog modem • Ships with SonicOS Standard • SonicOS Enhanced Upgrade available late Q3 • 10 node model; upgradeable to 25 and Unrestricted nodes • Technical Specs • v.92 Analog Modem • (2) 10/100 Ethernet Interfaces (OPT&WAN) • (1) 5-port 10/100 auto-MDIX Switch (LAN) • 64 MB RAM/8 MB Flash • 90 Mbps Stateful Packet Inspection • 30+ Mbps 3DES/AES VPN
SonicWALL TZ 170 Series Business Continuity Features • Automated failover and failback ensures continuous network uptime by failing over to a backup WAN connection • Broadband-to-broadband-to-analogWAN redundancy provides multiple sources of WAN redundancy • Automatic dial-back enables remote dial-up management • Limited dial-time availability allows administrator to choose when modem is available, saving on phone charges • Broadband or analog connectivity options
Auto Dial-back • Intended for remote network access • A call is placed to the dial-up modem on the TZ 170 SP • TZ 170 SP receives call, answers and hangs up • The TZ 170 SP then dials out, establishing an Internet session • At this point the TZ 170 SP is now accessible via the WAN using HTTPS • Devices on the LAN can also be accessed from the WAN as Public LAN Servers Auto Dial-back will be available in SonicOS Standard 2.7
Limited Dial-time Availability • Limited Dial Time Availability available for each dial-up profile (off by default) • Administrator sets the schedule for each day of the week and hours/minutes • If a dial-out event is within the schedule policy it is allowed • If it is outside the policy it is blocked and logged • Events Logged include: • Successful (i.e. scheduled) dial-outs • Unsuccessful dial-outs (i.e. outside the scheduled window)
TZ 170 SP Wireless • The best of everything • Integrated Analog modem and 802.11g Access Point • Ships with SonicOS Enhanced • Availability planned for Late Q3 • Available in 10 node model; upgradeable to 25 and Unrestricted nodes • Technical Specs • High powered 802.11b/g radio • V.92 analog modem • 802.3af Power over Ethernet (one port) • 2 External Diversity Dipole Antennas • (2) 10/100 Ethernet Interfaces (OPT&WAN) • (1) 5-port 10/100 auto-MDIX Switch (LAN) • 64 MB RAM/8 MB Flash • 90 Mbps Stateful Packet Inspection • 30+ Mbps 3DES/AES VPN
New! Comprehensive Gateway Security Bundle • Basic Hardware: TZ 170, TZ 170 Wireless, TZ 170 SP, TZ 170 SP Wireless • TZ 170 8x5 Support Bundle includes: • 1 year 8x5 support • TZ 170 Series Comprehensive Gateway Security Suite Upgrade: • Includes: • 1 Year IPS Basic Edition Deep Packet Inspection Firewall Signature Updates • 1 Year Content Filtering Service Standard Edition • 1 Year 8x5 Support • ViewPoint Upgrade • Available in a bundled version for TZ 170 only (10 Node, 25 Node, and Unrestricted Node versions) • Available as an activation key upgrade that can be applied to any TZ 170 Series product (TZ 170, TZ 170 Wireless, TZ 170 SP, and TZ 170 SP Wireless)
The New TZ 170 Series Wireless Solution With SonicWALL, it is easy to integrate advanced WLAN services within the existing network and security architecture. • Features • Wireless security ensured using SonicWALL Global VPN Client • Granular control of wireless user network access • Rogue Access Point Detection minimizes backdoors • Wireless Guest Services allows easy Internet access for guests • Standards-based WEP, WPA and IPSec encryption options
The New TZ 170 Series Wireless Solution Even in distributed wireless environments • Features • Seamless wireless roaming enables intra-office mobility • Central Management of SonicPoint 802.11a/b/g satellite access points
Global VPN Client Solutions Secure corporate wireless LAN access Remote Access Secure hotspot access • Global VPN Client Family • Microsoft Windows or Pocket PC 2003 platforms • Easy to use • User-level access policies • Auto-provisioned VPN topology • Support for WAN, PPP and GPRS adapters Secure retail warehouse access
Telecommuter Corporate Headquarters • Trust the integrity of telecommuter communication • The TZ 170 Series enforces the use of VPN for secure Wireless LAN access • Provides complete “wired” and “wireless” security solution • Box-to-box VPN provided for connectivity back to local branch office or corporate HQ Local Branch Office Wired LAN Trusted WLAN Wired clients
Office Gateway Corporate Headquarters • Create a trusted zone on the Wireless LAN • The TZ 170 Series enforces the use of VPN for secure Wireless LAN access • Provides complete “wired” and “wireless” security solution • Box-to-box VPN provided for connectivity back to corporate HQ • Use both GVC and Pocket GVC for secure wireless access for either laptops or PDAs Wired LAN Trusted WLAN Wired clients Secure Local Servers (File, Print, etc.)
Guest Hotspot Corporate Headquarters • Add a “guest” wireless network quickly, easily • The TZ 170 Series enforces guest authentication • Local database • RADIUS Wired LAN Guest WLAN Trusted WLAN Wired clients Secure Local Servers (File, Print, etc.)
Small Retail Store • TZ 170 SP Wireless provides complete “wired” and “wireless” security solution • Use timed guest accounts to control access • Attract patrons by offering a wireless guest zone without compromising your wired network • Box-to-box VPN provided for secure connectivity to clearing house for POS transactions Wired LAN WLAN Wired Clients Secure Local Server
Large Retail Store • Provides complete “wired” and “wireless” security solution • Use TZ 170 SP with SonicPoints to easily expand network to include wireless • Available with SonicOS Enhanced 2.6 in late Q3 SonicPoint PoE Injector Wired LAN WLAN Wired Clients Secure Local Server
Availability • TZ 170 Wireless and TZ 170 SP with SonicOS Standard • Public Launch 7/26 • Availability immediate • SonicOS Enhanced available in late Q3 • TZ 170 SP Wireless with SonicOS Enhanced • Public Launch 7/26 • Availability late Q3 (dependent on SonicOS Enhanced)
Conclusion: The SonicWALL TZ 170 Series The TZ 170 Series is the ideal total security platform for small networks providing a compelling blend of ease of use for basic networks and flexibility for more complex networks. • Airtight wired and wireless security • Protection from the latest threats with Deep Packet Inspection Firewall and Intrusion Prevention Service • Complete business continuity with integrated and automated analog modem failover/failback