Features of SonicWALL TZ 205

Intrusion Prevention

Signature-based Scanning
Tightly integrated, signature-based intrusion prevention scans packet payloads for vulnerabilities and exploits that target critical internal systems.

Automatic Signature Updates
SonicWALL's Research Team continuously updates and deploys an extensive list of over 5,400 IPS signatures covering 52 attack categories. These signatures take immediate effect and do not require reboots or any other interruption in service.

Outbound Threat Prevention
The ability to inspect both inbound and outbound traffic ensures that the network will not unwittingly be used in Distributed Denial of Service attacks and will prevent any Command and Control Botnet communication.

Intra-Zone IPS Protection
Intrusion prevention can be deployed between internal security zones to protect sensitive servers and to prevent internal attacks.

VPN

IPSec VPN for Site-to-site Connectivity
High-performance IPSec VPN allows the firewall to connect remote branch offices to a central location.

SSL VPN or IPSec Client Remote Access
Utilize clientless SSL VPN technology or an easy-to-manage IPSec client for easy access to email, files, computers, intranet sites and applications from a variety of platforms.

Redundant VPN Gateway
When using multiple WANs, a primary and secondary VPN can be configured to allow seamless automatic failover and failback of all VPN sessions.

Route-based VPN
The ability to perform dynamic routing over VPN links ensures continuous uptime in the event of a temporary VPN tunnel failure by seamlessly re-routing traffic between endpoints through alternate routes.

Clean VPN
SonicWALL Clean VPN™ both secures the integrity of VPN access and decontaminates malicious threats before they can enter the corporate network.

Gateway Threat Prevention

Gateway Anti-Malware
SonicWALL's patented RFDPI engine scans all ports and protocols for viruses without file size or stream length limitation. SonicLabs Researchers constantly provide updated threat protection, providing faster response times and threat prevention.

Reassembly-Free Deep Packet (RFDPI)
Reassembly-Free Deep Packet Inspection keeps track of malware regardless of the order or inspection timing with which the packets arrive. This allows for extremely low latency while eliminating file and stream size limitations. This provides greater performance and security than outdated proxy designs which reassemble contents using sockets bolted to traditional anti-virus programs and are plagued with inefficiencies and the overhead of memory thrashing leading to high latency, low performance and size limitations.

Cloud Anti-Virus (AV)
Using the built-in RFDI engine, SonicWALL can leverage the power of the cloud to provide the most comprehensive set of anti-malware signatures available, while minimizing latency or delay. The SonicWALL Cloud Anti-Virus Service provides millions of additional malware signatures for inspection of executable files using the most up-todate information available.

Bi-directional Inspection
RFDPI can be performed on both inbound and outbound connections to provide protection in all network traffic directions.

24x7 Signature Updates
SonicLabs Research Team team creates and updates signature databases that are propagated automatically to the firewalls in the field, with those signatures taking immediate effect without any reboot or service interruption required.

Firewall and Networking

Stateful Packet Inspection
All network traffic is inspected, analyzed and brought into compliance with firewall access policies.

DOS Attack Protection
SYN Flood protection provides defense against DOS attacks using both layer 3 SYN proxy and layer 2 SYN blacklisting technologies.

Flexible Deployment
Can be deployed in traditional NAT and Layer 2 Bridge modes.

Policy-based Routing
Create routes based on protocol to direct traffic to a preferred WAN connection with the ability to fail back to a secondary WAN in the event of an outage.

High Availability
Supports Active/Passive failover to ensure increased reliability by protecting against hardware or software faults.

WAN Load Balancing
Load balance up to four WAN interfaces using Round Robin, Spillover or Percentage based methods.

WAN Acceleration
WAN Acceleration decreases latency and increases transfer speeds between remote sites for even higher network efficiency gains.

VoIP

Advanced QoS
Guarantee critical communications with 802.1p and DSCP tagging and remapping of VoIP traffic on the network.

DPI of VoIP Traffic
Predefined signatures detect and block VoIP specific threats.

H.323 Gatekeeper and SIP Proxy Support
Block spam calls by requiring that all incoming calls are authorized and authenticated by H.323 gatekeeper or SIP proxy.

Management and Monitoring

Web GUI
An intuitive web-based interface allows quick and convenient configuration in addition to management through SonicWALL Global Management System (GMS®), or the CLI.

SNMP
SNMP provides the ability to protectively monitor and respond to threats and alerts.

Centralized Policy Management
With SonicWALL GMS, monitor, configure and report on multiple SonicWALL appliances from a single intuitive interface and customize your security environment to suit your individual policies.

Application Intelligence and Control

Application Control
Identify and control applications or individual components of an application based on RFDPI technology instead of relying on well-known ports and protocols.

Application Bandwidth Management
Allocate bandwidth to critical applications while throttling unproductive application traffic for an efficient and productive network

Custom Application Identification
Create and configure custom application identification based on traffic parameters or on patterns unique to an application in its network communications.

Application Traffic Analytics
Provides organizations with granular insight into application traffic, bandwidth utilization and security in addition to powerful troubleshooting and forensics capabilities. (TZ 215 only)

Application Signature Database
A continuously expanding database of over 3,500 application signatures ensures that administrators are able to control the usage of all the latest applications on their network at a category or individual level.

User Activity Tracking
User identification is seamlessly integrated with Microsoft® Active Directory and other authentication systems enabling tracking and reporting of individual user identification.

SonicWALL TZ Series Comparison

	TZ 105 Series	TZ 205 Series	TZ 215 Series
Firewall Overview
Stateful Packet Inspection Firewall Throughput	200 Mbps	500 Mbps	500 Mbps
IPS Throughput	60 Mbps	80 Mbps	110 Mbps
GAV Throughput	40 Mbps	60 Mbps	70 Mbps
VPN Throughput	75 Mbps	100 Mbps	110 Mbps
Full DPI (UTM)	25 Mbps	40 Mbps	60 Mbps
Maximum UTM/DPI Connections	8,000	12,000	32,000
Unlimited File Size Protection
Hardware
Dual Core Processor
Gigabit Ethernet
802.11n Support
Dual Band 802.11 a/b/g/n Support
Security Services
Intrusion Protection*
Gateway Anti-Virus, Anti-Spyware and Cloud AV*
Content and URL Filtering (CFS)*
Enforced Client Anti-Virus and Anti-Spyware*
Application Intelligence and Control*

Secure upgrade Plus