Los firewalls de Gestión unificada de amenazas (UTM) de SonicWall son ideales para cualquier organización que necesite protección de red de clase empresarial.
Los firewalls de la serie SonicWall TZ ofrecen una amplia protección mediante servicios de seguridad avanzada que incluyen funciones integradas y basadas en la nube de antimalware, antispyware, control de aplicaciones, IPS (Sistema de prevención de intrusiones) y filtrado de URL.
Con el fin de contrarrestar la tendencia de los ataques cifrados, la potencia de procesamiento de los firewalls de la serie TZ les permite inspeccionar conexiones SSL/TLS cifradas para hacer frente a las últimas amenazas.
En combinación con los switches de la serie X de Dell, algunos firewalls de la serie TZ pueden gestionar directamente la seguridad de estos puertos adicionales. Con el respaldo de la red Capture Threat Network de SonicWall, la serie SonicWall TZ proporciona actualizaciones continuas a fin de mantener una sólida defensa de la red frente a los ciberdelincuentes.
La serie SonicWall TZ es capaz de analizar cada byte de cada paquete en todos los puertos y protocolos casi sin latencia y sin limitaciones en el tamaño de los archivos.
La serie SonicWall TZ incluye puertos Gigabit Ethernet, conectividad inalámbrica 802.11ac integrada opcional,* IPSec y SSL VPN, reconexión mediante soporte integrado para 3G/4G, equilibrio de carga y segmentación de red.
Los firewalls UTM de la serie SonicWall TZ también proporcionan un acceso móvil rápido y seguro utilizando las plataformas Apple iOS, Google Android, Amazon Kindle, Windows, Mac OS X y Linux.
El Sistema de gestión global (GMS) de SonicWall permite implementar y gestionar los firewalls de la serie SonicWall TZ de forma centralizada desde un único sistema.
Servicios de seguridad administrados para entornos distribuidos
Los centros escolares, los establecimientos minoristas, los sitios remotos, las sucursales y las empresas distribuidas necesitan una solución que se integre con su firewall corporativo.
Los firewalls de la serie SonicWall TZ comparten la misma base de código —y la misma protección— que nuestros firewalls estrella de próxima generación SuperMassive, lo que simplifica la gestión de sitios remotos, ya que todos los administradores ven la misma interfaz de usuario.
Con GMS, los administradores de red pueden configurar, supervisar y gestionar los firewalls SonicWall de forma remota desde una única consola.
Mediante la incorporación de la conectividad inalámbrica segura y de la alta velocidad, los productos de la serie SonicWall TZ amplían el perímetro de protección para abarcar a los clientes y usuarios invitados que frecuentan un determinado establecimiento minorista o una oficina remota.
Tabla comparativa de la Serie TZ
S – Standard, O – Optional, N – Not Available
TotalSecure Firewall Overview
| – | SOHO | TZ300 | TZ400 | TZ500 | TZ600 |
|---|---|---|---|---|---|
| Deep Packet Inspection Firewall | S | S | S | S | S |
| Stateful Packet Inspection Firewall | S | S | S | S | S |
| Unlimited File Size Protection | S | S | S | S | S |
| Protocols Scanned | S | S | S | S | S |
| Security Services Included | |||||
| Application Intelligence and Control | S | S | S | S | S |
| Intrusion Prevention Service | S | S | S | S | S |
| Gateway Anti-Virus and Anti-Spyware | S | S | S | S | S |
| Content & URL Filtering (CFS) | S | S | S | S | S |
| SSL Inspection (DPI SSL) | S | S | S | S | S |
| Content Filtering Client (CFC)1 | O | O | O | O | O |
| Analyzer Reporting1 | O | O | O | O | O |
| Capture Advance Threat Protection1 | N | O | O | O | O |
| Enforced Client Anti-Virus and Anti-Spyware1 | O | O | O | O | O |
| 24×7 Support | S | S | S | S | S |
Firewall General
| – | SOHO | TZ300 | TZ400 | TZ500 | TZ600 |
|---|---|---|---|---|---|
| Interfaces | 5×1-GbE, 1 USB, 1 Console | 5×1-GbE, 1 USB, 1 Console | 7×1-GbE, 1 USB, 1 Console | 8×1-GbE, 2 USB, 1 Console | 10×1-GbE, 2 USB, 1 Console, 1 Expansion Slot |
| Management | CLI, SSH, Web GUI, Capture Security Center, GMS, REST APIs | CLI, SSH, Web GUI, Capture Security Center, GMS, REST APIs | CLI, SSH, Web GUI, Capture Security Center, GMS, REST APIs | CLI, SSH, Web GUI, Capture Security Center, GMS, REST APIs | CLI, SSH, Web GUI, Capture Security Center, GMS, REST APIs |
| Nodes Supported | Unrestricted | Unrestricted | Unrestricted | Unrestricted | Unrestricted |
| Site-to-Site VPN Tunnels | 10 | 10 | 20 | 25 | 50 |
| IPSec VPN Clients (Maximum) | 1 (5) | 1 (10) | 2 (25) | 2 (25) | 2 (25) |
| SSL VPN Licenses (Maximum) | 1 (10) | 1 (50) | 2 (100) | 2 (150) | 2 (200) |
| VLAN Interfaces | 25 | 25 | 50 | 50 | 50 |
| Wireless Controller | S | S | S | S | S |
| WWAN Failover (4G/LTE) | S | S | S | S | S |
| Network Switch Management | N | S | S | S | S |
Firewall/VPN Performance
| – | SOHO | TZ300 | TZ400 | TZ500 | TZ600 |
|---|---|---|---|---|---|
| Firewall Inspection Throughput2 | 300 Mbps | 750 Mbps | 1.3 Gbps | 1.4 Gbps | 1.5 Gbps |
| Threat Prevention Throughput3 | 50 Mbps | 100 Mbps | 300 Mbps | 400 Mbps | 500 Mbps |
| Application Inspection Throughput3 | – | 300 Mbps | 900 Mbps | 1.0 Gbps | 1.1 Gbps |
| IPS Throughput3 | 100 Mbps | 300 Mbps | 900 Mbps | 1.0 Gbps | 1.1 Gbps |
| Anti-Malware Inspection Throughput3 | 50 Mbps | 100 Mbps | 300 Mbps | 400 Mbps | 500 Mbps |
| IMIX Throughput | 60 Mbps | 200 Mbps | 500 Mbps | 700 Mbps | 900 Mbps |
| DPI SSL Throughput | 15 Mbps | 45 Mbps | 100 Mbps | 150 Mbps | 200 Mbps |
| VPN Throughput4 | 100 Mbps | 300 Mbps | 900 Mbps | 1.0 Gbps | 1.1 Gbps |
| Maximum Connections (SPI) | 10,000 | 50,000 | 100,000 | 125,000 | 150,000 |
| Maximum Connections (DPI) | 10,000 | 50,000 | 90,000 | 100,000 | 125,000 |
| Maximum Connections (DPI SSL) | 100 | 500 | 500 | 750 | 750 |
| New Connections/Sec | 1,800 | 5,000 | 6,000 | 8,000 | 12,000 |
Features
| – | SOHO | TZ300 | TZ400 | TZ500 | TZ600 |
|---|---|---|---|---|---|
| Logging | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog |
| Network Traffic Visualization | S | S | S | S | S |
| Netflow/IPFIX Reporting | N | S | S | S | S |
| SNMP | S | S | S | S | S |
| Authentication | LDAP (multiple domains), XAUTH/RADIUS, SSO,Novell, internal user database | LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database,Terminal Services, Citrix, Common Access Card (CAC) | LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database,Terminal Services, Citrix, Common Access Card (CAC) | LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database,Terminal Services, Citrix, Common Access Card (CAC) | LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database,Terminal Services, Citrix, Common Access Card (CAC) |
| Dynamic Routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing |
| Secure SD-WAN | S | S | S | S | S |
| Single Sign-on (SSO) | S | S | S | S | S |
| Voice over IP (VoIP) Security | S | S | S | S | S |
| Interface to Interface Scanning | S | S | S | S | S |
| PortShield Security | S | S | S | S | S |
| Link Redundancy | S | S | S | S | S |
| Policy-based Routing | S | S | S | S | S |
| Route-based VPN | S | S | S | S | S |
| Dynamic Bandwidth Management | S | S | S | S | S |
| Stateful High Availability | N | N | N | O | O |
| Multi-WAN | S | S | S | S | S |
| Load Balancing | S | S | S | S | S |
| Object-based Management | S | S | S | S | S |
| Policy-based NAT | S | S | S | S | S |
| Inbound Load Balancing | S | S | S | S | S |
| IKEv2 VPN | S | S | S | S | S |
| TLS/SSL/SSH Decryption and Inspection | S | S | S | S | S |
| SSL Control | S | S | S | S | S |
| Auto-provision VPN | S | S | S | S | S |
| Biometric Authentication | S | S | S | S | S |
| DNS Proxy | S | S | S | S | S |
| Hardware Failover | N | Active/Standby | Active/Standby | Active/Standby with stateful synchronization | Active/Standby with stateful synchronization |
Integrated Wireless
| – | SOHO | TZ300 | TZ400 | TZ500 | TZ600 |
|---|---|---|---|---|---|
| Standards | 802.11a/b/g/n (WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS | 802.11a/b/g/n/ac (WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS | 802.11a/b/g/n/ac (WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS | 802.11a/b/g/n/ac (WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS | – |
| Frequency bands5 | 802.11a: 5.180-5.825 GHz | 802.11a: 5.180-5.825 GHz | 802.11a: 5.180-5.825 GHz | 802.11a: 5.180-5.825 GHz | — |
| « | 802.11b/g: 2.412-2.472 GHz | 802.11b/g: 2.412-2.472 GHz | 802.11b/g: 2.412-2.472 GHz | 802.11b/g: 2.412-2.472 GHz | — |
| « | 802.11n: 2.412-2.472 GHz, 5.180-5.825 GHz | 802.11n: 2.412-2.472 GHz, 5.180-5.825 GHz | 802.11n: 2.412-2.472 GHz, 5.180-5.825 GHz | 802.11n: 2.412-2.472 GHz, 5.180-5.825 GHz | — |
| « | — | 802.11ac: 2.412-2.472 GHz, 5.180-5.825 GHz | 802.11ac: 2.412-2.472 GHz, 5.180-5.825 GHz | 802.11ac: 2.412-2.472 GHz, 5.180-5.825 GHz | — |
| Operating Channels | 802.11a: US and Canada 12, Europe 11, Japan 4, Singapore 4, Taiwan 4 | 802.11a: US and Canada 12, Europe 11, Japan 4, Singapore 4, Taiwan 4 | 802.11a: US and Canada 12, Europe 11, Japan 4, Singapore 4, Taiwan 4 | 802.11a: US and Canada 12, Europe 11, Japan 4, Singapore 4, Taiwan 4 | — |
| « | 802.11b/g: US and Canada 1-11, Europe 1-13, Japan 1-14 (14-802.11b only) | 802.11b/g: US and Canada 1-11, Europe 1-13, Japan 1-14 (14-802.11b only) | 802.11b/g: US and Canada 1-11, Europe 1-13, Japan 1-14 (14-802.11b only) | 802.11b/g: US and Canada 1-11, Europe 1-13, Japan 1-14 (14-802.11b only) | — |
| « | 802.11n (2.4 GHz): US and Canada 1-11, Europe 1-13, Japan 1-13 | 802.11n (2.4 GHz): US and Canada 1-11, Europe 1-13, Japan 1-13 | 802.11n (2.4 GHz): US and Canada 1-11, Europe 1-13, Japan 1-13 | 802.11n (2.4 GHz): US and Canada 1-11, Europe 1-13, Japan 1-13 | — |
| « | 802.11n (5 GHz): US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64 | 802.11n (5 GHz): US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64 | 802.11n (5 GHz): US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64 | 802.11n (5 GHz): US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64 | — |
| « | — | 802.11ac: US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64 | 802.11ac: US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64 | 802.11ac: US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64 | — |
| Transmit output power | Based on the regulatory domain specified by the system administrator | Based on the regulatory domain specified by the system administrator | Based on the regulatory domain specified by the system administrator | Based on the regulatory domain specified by the system administrator | — |
| Transmit power control | Supported | Supported | Supported | Supported | – |
| Data rates supported | 802.11a: 6,9,12,18,24,36,48,54 Mbps per channel | 802.11a: 6,9,12,18,24,36,48,54 Mbps per channel | 802.11a: 6,9,12,18,24,36,48,54 Mbps per channel | 802.11a: 6,9,12,18,24,36,48,54 Mbps per channel | – |
| « | 802.11b: 1,2,5.5,11 Mbps per channel | 802.11b: 1,2,5.5,11 Mbps per channel | 802.11b: 1,2,5.5,11 Mbps per channel | 802.11b: 1,2,5.5,11 Mbps per channel | — |
| « | 802.11g: 6,9,12,18,24,36,48,54 Mbps per channel | 802.11g: 6,9,12,18,24,36,48,54 Mbps per channel | 802.11g: 6,9,12,18,24,36,48,54 Mbps per channel | 802.11g: 6,9,12,18,24,36,48,54 Mbps per channel | — |
| « | 802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 15,30, 45, 60, 90, 120, 135, 150 Mbps per channel | 802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 15,30, 45, 60, 90, 120, 135, 150 Mbps per channel | 802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 15,30, 45, 60, 90, 120, 135, 150 Mbps per channel | 802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 15,30, 45, 60, 90, 120, 135, 150 Mbps per channel | — |
| « | — | 802.11ac: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 86.7, 96.3, 15, 30, 45, 60, 90, 120, 135, 150, 180, | 802.11ac: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 86.7, 96.3, 15, 30, 45, 60, 90, 120, 135, 150, 180, | 802.11ac: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 86.7, 96.3, 15, 30, 45, 60, 90, 120, 135, 150, 180, | — |
| « | — | 200, 32.5, 65, 97.5, 130, 195, 260, 292.5, 325, 390, 433.3, 65, 130, 195, 260, 390, 520, 585, 650, 780, 866.7 Mbps per channel | 200, 32.5, 65, 97.5, 130, 195, 260, 292.5, 325, 390, 433.3, 65, 130, 195, 260, 390, 520, 585, 650, 780, 866.7 Mbps per channel | 200, 32.5, 65, 97.5, 130, 195, 260, 292.5, 325, 390, 433.3, 65, 130, 195, 260, 390, 520, 585, 650, 780, 866.7 Mbps per channel | — |
| Modulation technology spectrum | 802.11a: Orthogonal Frequency Division Multiplexing (OFDM) | 802.11a: Orthogonal Frequency Division Multiplexing (OFDM) | 802.11a: Orthogonal Frequency Division Multiplexing (OFDM) | 802.11a: Orthogonal Frequency Division Multiplexing (OFDM) | – |
| « | 802.11b: Direct Sequence Spread Spectrum (DSSS) | 802.11b: Direct Sequence Spread Spectrum (DSSS) | 802.11b: Direct Sequence Spread Spectrum (DSSS) | 802.11b: Direct Sequence Spread Spectrum (DSSS) | — |
| « | 802.11g: Orthogonal Frequency Division Multiplexing (OFDM)/Direct Sequence Spread Spectrum (DSSS) | 802.11g: Orthogonal Frequency Division Multiplexing (OFDM)/Direct Sequence Spread Spectrum (DSSS) | 802.11g: Orthogonal Frequency Division Multiplexing (OFDM)/Direct Sequence Spread Spectrum (DSSS) | 802.11g: Orthogonal Frequency Division Multiplexing (OFDM)/Direct Sequence Spread Spectrum (DSSS) | — |
| « | 802.11n: Orthogonal Frequency Division Multiplexing (OFDM) | 802.11n: Orthogonal Frequency Division Multiplexing (OFDM) | 802.11n: Orthogonal Frequency Division Multiplexing (OFDM) | 802.11n: Orthogonal Frequency Division Multiplexing (OFDM) | — |
| « | — | 802.11ac: Orthogonal Frequency Division Multiplexing (OFDM) | 802.11ac: Orthogonal Frequency Division Multiplexing (OFDM) | 802.11ac: Orthogonal Frequency Division Multiplexing (OFDM) | — |
- Services must be purchased separately.
- Threat Prevention/GatewayAV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through multiple port pairs. Threat Prevention throughput measured with Gateway AV, Anti-Spyware, IPS and Application Control enabled.
- Full DPI/Gateway AV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through multiple port pairs. Threat Prevention throughput measured with Gateway AV, Anti-Spyware, IPS and Application Control enabled.
- VPN throughput measured using UDP traffic at 1280 byte packet size adhering to RFC 2544.
- All TZ integrated wireless models can support either 2.4GHz or 5GHz band. For dual-band support, please use SonicWall’s wireless access point products.
*Future use. All specifications, features and availability are subject to change.