Dell TZ300P PoE User Manual

SonicWall TZ series

Integrated threat prevention and SD-WAN platform for

small/medium organizations and distributed enterprises

The SonicWall TZ series enables small to

mid-size organizations and distributed

enterprises realize the benets of an

integrated security solution that checks all the boxes. Combining high-speed

threat prevention and software-dened wide area networking (SD-WAN) technology with an extensive range of networking and wireless features plus simplied deployment and centralized

management, the TZ series provides a

unied security solution at a low total cost of ownership.

Flexible, integrated security solution

The foundation of the TZ series is

SonicOS, SonicWall’s feature-rich

operating system. SonicOS includes a

powerful set of capabilities that provides organizations with the exibility to tune these Unied Threat Management (UTM) rewalls to their specic network

requirements. For example, creating a

secure high-speed wireless network is simplied through a built-in wireless controller and suppor t for the IEEE

802.11ac standard or by adding our SonicWave 802.11ac Wave 2 access points. To reduce the cost and complexity

of connecting high-speed wireless access points and other Power over Ethernet (PoE)-enabled devices such as IP cameras, phones and printers,

the TZ300P and TZ600P provide

PoE/PoE+ power.

Distributed retail businesses and

campus environments can take

advantage of the many tools in SonicOS to gain even greater benets.

Branch locations are able to exchange

information securely with the central ofce using virtual private networking (VPN). Creating virtual LANs (VLANs) enables segmentation of the network

into separate corporate and customer

groups with rules that determine the level of communication with devices on other VLANs. SD-WAN offers a secure alternative to costly MPLS circuits while delivering consistent application performance and availability. Deploying

TZ rewalls to remote locations is easy

using Zero-Touch Deployment which enables provisioning of the rewall

remotely through the cloud.

Superior threat prevention and

performance

Our vision for securing networks in

today’s continually-evolving cyber threat landscape is automated, realtime threat detection and prevention.

Through a combination of cloud-based

and on-box technologies we deliver protection to our rewalls that’s been

validated by independent third-party

testing for its extremely high security effectiveness. Unknown threats are sent

to SonicWall’s cloud-based Capture

Advanced Threat Protection (ATP) multi-

engine sandbox for analysis. Enhancing Capture ATP is our patent-pending Real-Time Deep Memory Inspection (RTDMI™) technology. The RTDMI engine detects and blocks malware

and zero-day threats by inspecting

directly in memory. RTDMI technology is precise, minimizes false positives, and identies and mitigates sophisticated

Benets:

Flexible, integrated security solution

• Secure SD-WAN

• Powerful SonicOS operating system

• High-speed 802.11ac wireless

• Power over Ethernet (PoE/PoE+)

• Network segmentation with VLANs

Superior threat prevention and performance

• Patent-pending real-time deep memory inspection technology

• Patented reassembly-free deep packet inspection technology

• On-box and cloud-based threat prevention

• TLS/SSL decr yption and inspection

• Industry-validated security

effectiveness

• Dedicated Capture Labs threat research team

• Endpoint security with Capture Client

Easy deployment, setup and ongoing management

• Zero-Touch Deployment

• Cloud-based and on-premises centralized management

• Scalable line of rewalls

• Low total cost of ownership

attacks where the malware’s weaponry is exposed for less than 100 nanoseconds. In combination, our patented single-pass Reassembly-Free Deep Packet Inspection (RFDPI) engine examines every byte of

every packet, inspecting both inbound

and outbound traf c directly on the rewall. By leveraging Capture ATP with RTDMI technology in the SonicWall Capture Cloud Platform in addition to

on-box capabilities including intrusion

prevention, anti-malware and web/ URL ltering, TZ series rewalls stop malware, ransomware and other threats at the gateway. For mobile devices used outside the rewall perimeter, SonicWall Capture Client provides an added layer of

protection by applying advanced threat protection techniques such as machine learning and system rollback. Capture Client also leverages the deep inspection

of encrypted TLS trafc (DPI-SSL) on

TZ series rewalls by installing and

managing trusted TLS certicates.

The continued growth in the use of

encryption to secure web sessions means it is imperative rewalls are able to scan encrypted traf c for threats.

TZ series rewalls provide complete

protection by performing full decryption and inspection of TLS/SSL and SSH encrypted connections regardless of port or protocol. The rewall searches for

protocol non-compliance, threats, zero-

days, intrusions, and even dened criteria

by looking deep inside every packet.

The deep packet inspection engine

detects and prevents hidden attacks

that leverage cryptography. It also blocks encrypted malware downloads, ceases the spread of infections and thwarts command and control (C&C) communications and data exltration. Inclusion and exclusion rules allow total control to customize which trafc is

subjected to decr yption and inspection

based on specic organizational compliance and/or legal requirements.

Easy deployment, setup and

ongoing management

SonicWall makes it easy to congure and manage TZ series rewalls and

SonicWave 802.11ac Wave 2 access

points no matter where you deploy them.

Centralized management, reporting, licensing and analytics are handled through our cloud-based Capture

Security Center which offers the ultimate

in visibility, agility and capacity to centrally govern the entire SonicWall

security ecosystem from a single pane of glass.

A key component of the Capture Security Center is Zero-Touch Deployment. This cloud-based feature simplies and

speeds the deployment and provisioning

of SonicWall rewalls at remote and branch of ce locations. The process

requires minimal user intervention, and

is fully automated to operationalize rewalls at scale in just a few steps.

This signicantly reduces the time,

cost and complexity associated with installation and conguration, while

security and connectivity occurs instantly and automatically. Together, the

simplied deployment and setup along with the ease of management enable organizations to lower their total cost of ownership and realize a high return

on investment.

* 802.11ac currently not available on SOHO/ SOHO 250 models; SOHO/SOHO 250 models suppor t 802.11a/b/g/n

SonicWave 432i access point

Printer

Bi-directional scanning

SonicWall TZ600P

IP Phone

Camera

802.3at PoE+ Devices

Integrated Security and Power for Your PoE-enabled Devices

Provide power to your PoE-enabled devices without the cost and complexity of a Power over Ethernet switch or injector. TZ300P and TZ600P rewalls integrate IEEE 802.3at technology to power PoE and PoE+ devices such as wireless access points, cameras, IP phones and more. The rewall scans all trafc coming from and going to each

device using deep packet inspection

technology and then removes harmful threats such as malware and intrusions,

even over encrypted connections.

Capture Cloud Platform

SonicWall's Capture Cloud Platform

delivers cloud-based threat prevention

and network management plus reporting and analytics for organizations of any size. The platform consolidates threat intelligence gathered from multiple sources including our award-winning multi-engine network sandboxing service, Capture Advanced Threat Protection, as well as more than 1 million SonicWall

sensors located around the globe.

If data coming into the network is found

to contain previously-unseen malicious code, SonicWall’s dedicated, in-house

Capture Labs threat research team

develops signatures that are stored in

the Capture Cloud Platform database and deployed to customer rewalls for up-to-date protection. New updates take effect immediately without reboots or

interruptions. The signatures resident

on the appliance protect against wide

classes of attacks, covering tens of thousands of individual threats. In

addition to the countermeasures on

the appliance, TZ rewalls also have

continuous access to the Capture Cloud

Platform database which extends the onboard signature intelligence with tens of millions of signatures.

In addition to providing threat prevention, the Capture Cloud Platform offers single pane of glass management and

administrators can easily create both real-time and historical repor ts on

network activity.

Advanced threat protection

At the center of SonicWall automated,

real-time breach prevention is SonicWall

Capture Advanced Threat Protection

service, a cloud-based multi-engine

sandbox that extends rewall threat

protection to detect and prevent zero-

day threats. Suspicious les are sent to the cloud where they are analyzed using deep learning algorithms with the option to hold them at the gateway

until a verdict is determined. The multi-

engine sandbox platform, which includes Real-Time Deep Memory Inspection, virtualized sandboxing, full system

emulation and hypervisor level analysis technology, executes suspicious code

and analyzes behavior. When a le is identied as malicious, it is blocked

and a hash is immediately created

within Capture ATP. Soon after, a signature is sent to rewalls to prevent follow-on attacks.

The service analyzes a broad range

of operating systems and le types, including executable programs, DLL, PDFs, MS Ofce documents, archives, JAR and APK .

Streaming Data

PDF

Data File

101001001010

010100101101

010010100100

101001010010

110101010010

010100100010

101100100101

Endpoint

Arfact 1

Arfact 2

Arfact 3

Arfact 4

LEARNING

Deep Learning

MACHINE

Algorithms

For complete endpoint protection, the SonicWall Capture Client combines next-generation anti-virus technology

with SonicWall's cloud-based

multi-engine sandbox.

Classiﬁed Malware

RANSOMWARE

Locky

RANSOMWARE

UNKNOWN

WannaCry

TROJAN

Spartan

B C

BLOCK

unl

VERDICT

GoodBad

BLOCK

CLOUD CAPTURE SANDBOX

Hypervisor

Emulaon

Virtualizaon

RTDMI

SENT

Reassembly-Free Deep Packet

Traffic out

Proxy

Scanning

Packet

disassembly

Packet assembly-based process

SonicWall stream-based architectureCompetitive proxy-based architecture

When proxy buffer

becomes full or

content too large,

files bypass

scanning.

Traffic in

TLS/SSL

Reassembly-free Deep Packet Inspection (RFDPI)

Reassembly-free packet

scanning eliminates proxy

and content size limitations.

Inspection time

Less More

Inspection capacity

Min Max

Inspection time

Less More

Inspection capacity

Min Max

CPU 1

CPU 2

CPU 3

CPU 4

CPU n

TLS/SSL

Inspection engine

The SonicWall Reassembly-Free Deep

Packet Inspection (RFDPI) is a singlepass, low latency inspection system that performs stream-based, bi-directional trafc analysis at high speed without proxying or buffering to effectively uncover intrusion attempts and malware downloads while identifying application trafc regardless of port and protocol.

This proprietar y engine relies on

streaming trafc payload inspection to detect threats at Layers 3-7, and takes

network streams through extensive and

repeated normalization and decryption in order to neutralize advanced evasion

techniques that seek to confuse detection

engines and sneak malicious code into

the network.

Once a packet undergoes the necessary

pre-processing, including TLS/SSL

decryption, it is analyzed against a single,

proprietary memory representation of three signature databases: intrusion attacks, malware and applications. The

connection state is then advanced to

represent the position of the stream

relative to these databases until it

encounters a state of attack, or other

“match” event, at which point a pre-set

action is taken.

In most cases, the connection is

terminated and proper logging and

notication events are created. However, the engine can also be congured for inspection only or, in case of application detection, to provide Layer 7 bandwidth management services for the remainder of the application stream as soon as the application is identied.

Centralized management and reporting

For highly regulated organizations

wanting to achieve a fully coordinated

security governance, compliance and risk management strategy, SonicWall

provides administrators a unied, secure and extensible platform to manage SonicWall rewalls, wireless access points and Dell N-Series and X-Series switches through a correlated and auditable workstream

process. Enterprises can easily consolidate the management of security

appliances, reduce administrative and troubleshooting complexities, and govern

all operational aspects of the security infrastructure, including centralized policy management and enforcement; real-time event monitoring; user activities; application identications; ow analytics and forensics; compliance and audit reporting; and more. In addition, enterprises meet the rewall’s change

management requirements through

workow automation which provides the agility and condence to deploy the right rewall policies at the right time and in conformance with compliance regulations.

Available on premises as SonicWall

Global Management System and in

the cloud as Capture Security Center,

SonicWall management and reporting

solutions provide a coherent way to manage network security by business

processes and service levels, dramatically

simplifying lifecycle management of your

overall security environments compared to managing on a device-by-device basis.

Distributed networks

Because of their exibility, TZ series rewalls are ideally suited for both

distributed enterprise and single site

deployments. In distributed networks like those found in retail organizations, each site has its own TZ rewall which connects to the Internet often through a local provider using a DSL, cable or 3G/4G connection. In addition to Internet access, each rewall utilizes an Ethernet connection to transport packets between remote sites and the

central headquarters. Web services

and SaaS applications such as Ofce 365, Salesforce and others are served up from the data center. Through mesh VPN technology, IT administrators can create a hub and spoke conguration for the safe transpor t of data between

all locations.

The SD-WAN technology in SonicOS

is a perfect complement to TZ rewalls

Distributed Enterprise

Network with SD-WAN

NSsp 12800

PBX

SonicWall Secure

SD-WAN Features

•

NSS Labs validated high

security efﬁcacy

•

Zero-touch deployment

•

WAN load balancing

•

Dynamic path selection for business-critical applications

•

Secure AES 256 VPN

•

Application identiﬁcation and visibility

•

Cloud-based central management

deployed at remote and branch sites.

Instead of relying on more expensive legacy technologies such as MPLS and T1, organizations using SD-WAN

Corporate HQ

SD-WAN Enabled

Transport

Remote / Branch Ofﬁces

Data Center

NSa 9650

· Anti-malware

· IPS

· Content filtering

· Capture ATP

· VPN

Terminal

Low-Cost Transport Technologies

Ethernet / DSL / Cable / 3G / 4G

IoT Devices – Cameras,

POS

IP Phones, etc.

Web Server Farm

Application Server Farm

Security Center

Cloud Orchestration

and Management

TZ600P Firewall

Capture

Access Point

SonicWave

Wireless

Guest

Corp

WiFi

can choose lower-cost public Internet services while continuing to achieve a high level of application availability and predictable performance.

Capture Security Center

Tying the distributed network together

is SonicWall’s cloud-based Capture

Security Center (CSC) which centralizes

deployment, ongoing management

and real-time analytics of the TZ rewalls. A key feature of CSC is Zero-

Touch Deployment. Conguring and

deploying rewalls across multiple

sites is time-consuming and requires

onsite personnel. However Zero-

Touch Deployment removes these

challenges by simplifying and speeding the deployment and provisioning of SonicWall rewalls remotely through

the cloud. Similarly, CSC eases ongoing management by providing cloud-based

single-pane-of-glass management for SonicWall devices on the network. For complete situational awareness of the network security environment, SonicWall

Analytics offers a single-pane view

into all activity occurring inside the

network. Organizations gain a deeper understanding of application usage and performance while reducing the possibility of Shadow IT.

NSa or NSsp

Corporate

Headquarters

Sales network

Engineering network

Finance network

Single Sites

For single site deployments, having an

integrated network security solution is highly benecial. TZ series rewalls combine high security effectiveness with options such as built-in 802.11ac wireless and, in the case of the TZ300P and TZ600P, PoE/PoE+ support. The

Capture Security Center

TZ product line

Internet

3G/analog failover

Secure wireless zone

Printers

18-port Dell N-Series/X-Series switch

Protected server network

Storage

PoE cameras

same security engine in our mid-range

NSa series and high-end NSsp series is featured in TZ series rewall along with the broad feature set of SonicOS. Conguration and management is easy using the intuitive SonicOS UI.

Organizations save valuable rack space

due to the compact desktop form factor.

SonicWall TZ600 series

For emerging enterprises, retail and branch ofces looking for security, performance and options such as 802.3at PoE+ support at a value price, the SonicWall TZ600 secures networks with enterprise-class features and uncompromising performance.

Specication TZ600 series

Firewall throughput 1.9 Gbps

Threat Prevention throughput 800 Mbps

Anti-malware throughput 800 Mbps

IPS throughput 1.2 Gbps

Maximum connections 150,000

New connections/sec 12,000

TZ600P

PoE/PoE+ por ts (4 PoE/PoE+)

Power LED Tes t LE D

USB por t (3G/4G WAN failover)

Link and activity indicator LEDs

Expansion module

Console port

8x1-GbE switch

(congurable)

X0 LAN port X1 WAN port

SonicWall TZ500 series

For growing branch ofces and SMBs, the SonicWall TZ500 series delivers highly effective, no-compromise protection with network productivity and optional integrated 802.11ac dual-band wireless.

Specication TZ500 series

Firewall throughput 1.4 Gbps

Threat Prevention throughput 700 Mbps

Anti-malware throughput 700 Mbps

IPS throughput 1.0 Gbps

Maximum connections 150,000

New connections/sec 8,000

Optional 802 .11ac wireless

12V DC 2A power