INSIGHTSWith the increase in sophistication of cyber threats, many targeted attacks begin with exploiting software vulnerabilities in downloaded files and email attachments.These threats include new exploits, or even variants of known exploits unleashed almost daily with no existing signatures and therefore no standard solutions to detect those variants. New and undiscovered threats require new solutions that go beyond signatures of known threats.SOLUTIONCheck Point SandBlast Zero-Day Protection, with evasion-resistant malware detection, provides comprehensive protection from even the most dangerous attacks while ensuring quick delivery of safe content to your users. At the core of our solution are two unique capabilities - Threat Emulation and Threat Extraction that take threat defense to the next level.As part of the Check Point SandBlast solution, the Threat Emulation engine picks up malware at the exploit phase, even before hackers can apply evasion techniques attempting to bypass the sandbox. Files are quickly quarantined and inspected, running in a virtual sandbox to discover malicious behavior before it enters your network. This innovative solution combines CPU-level inspection and OS-level sandboxing to prevent infection from the most dangerous exploits, and zero-day and targeted attacks.In addition, the SandBlast Threat Extraction capability immediately provides a safe version of potentially malicious content to users. Exploitable content, including active content and various forms of embedded objects, are extracted out of the reconstructed file to eliminate potential threats. Access to the original suspicious version is blocked, until it can be fully analyzed by SandBlast Zero-Day Protection. Users have immediate access to content, and can be confident they are protected from the most advanced malware and zero-day threats.SANDBLAST APPLIANCESWe offer a wide range of SandBlast Appliances. These are perfect for customers who have regulatory or privacy concerns preventing them from using the SandBlast Threat Emulation cloud-based service. Learn More

A key component of the Cisco SecureX framework, the Cisco ASA 5500 Series integrates the worlds most proven firewall with a robust suite of highly integrated, market-leading security services for networks of all sizes - small and midsize business with one or a few locations, large enterprises, service providers, and mission-critical data centers. The Cisco ASA 5500 Series delivers MultiScale performance and functionality with unprecedented services flexibility, modular scalability, feature extensibility, and lower deployment and operations costs.Midsize businesses protecting the Internet edge require the same level of protection as large, enterprise networks. You require enterprise-strength security, but purchasing a firewall that was built to handle the performance needs and budget of a large enterprise would be unnecessary and a waste of company resources. You need a firewall that provides the performance you need at a price you can afford, without compromising security. Learn More

Industry-validated security effectiveness and performance for mid-sized networksThe SonicWall Network Security Appliance (NSA) series provides mid-sized networks, branch offices and distributed enterprises with advanced threat prevention in a high-performance security platform. Combining nextgeneration firewall technology with our patented* Reassembly-Free Deep Packet Inspection (RFDPI) engine on a multi-core architecture, the NSA series offers the security, performance and control organizations require.Superior threat prevention and performanceNSA series next-generation firewalls (NGFWs) integrate advanced security technologies to deliver superior threat prevention. Our patented singlepass RFDPI threat prevention engine examines every byte of every packet, inspecting both inbound and outbound traffic simultaneously. The NSA series leverages on-box capabilities including intrusion prevention, anti-malware and web/URL filtering in addition to cloudbased SonicWall Capture multi-engine sandboxing service to block zero-day threats at the gateway. Unlike other security products that cannot inspect large files for hidden threats, NSA firewalls scan files of any size across all ports and protocols. The security architecture in SonicWall NGFWs has been validated as one of the industrys best for security effectiveness by NSS Labs for five consecutive years.Further, SonicWall NGFWs provide complete protection by performing full decryption and inspection of TLS/SSL and SSH encrypted connections as well as non-proxyable applications regardless of transport or protocol. The firewall looks deep inside every packet (the header and data) searching for protocol non-compliance, threats, zero-days, intrusions, and even defined criteria to detect and prevent hidden attacks that leverage cryptography, block encrypted malware downloads, cease the spread of infections, and thwart command and control (C&C) communications and data exfiltration. Inclusion and exclusion rules allow total control to customize which traffic is subjected to decryption and inspection based on specific organizational compliance and/or legal requirements.When organizations activate deep packet inspection functions such as intrusion prevention, anti-virus, antispyware, TLS/SSL decryption/inspection and others on their firewalls, network performance often slows down, sometimes dramatically. NSA series firewalls, however, feature a multi-core hardware architecture that utilizes specialized security microprocessors. Combined with our RFDPI engine, this unique design eliminates the performance degradation networks experience with other firewalls.In todays security environment, its not enough to rely on solely on outside parties for threat information. Thats why SonicWall formed its own in-house Capture Labs threat research team more than 15 years ago. This dedicated team gathers, analyzes and vets data from over one million sensors in its Capture Threat Network. SonicWall also participates in industry collaboration efforts and engages with threat research communities to gather and share samples of attacks and vulnerabilities. This shared threat intelligence is used to develop real-time countermeasures that are automatically deployed to our customers firewalls.At the core of the NSA series is SonicOS, SonicWalls feature-rich operating system. SonicOS provides organizations with the network control and flexibility they require through application intelligence and control, real-time visualization, an intrusion prevention system (IPS) featuring sophisticated antievasion technology, high-speed virtual private networking (VPN) and other robust security features. Learn More

Industry-validated security effectiveness and performance for mid-sized networksThe SonicWall Network Security Appliance (NSA) series provides mid-sized networks, branch offices and distributed enterprises with advanced threat prevention in a high-performance security platform. Combining next-generation firewall technology with our patented Reassembly-Free Deep Packet Inspection (RFDPI) engine on a multi-core architecture, the NSA series offers the security, performance and control organizations require.Superior threat prevention and performanceNSA series next-generation firewalls (NGFWs) integrate advanced security technologies to deliver superior threat prevention. Our patented single- pass RFDPI threat prevention engine examines every byte of every packet, inspecting both inbound and outbound traffic simultaneously. The NSA series leverages on-box capabilities including intrusion prevention, anti-malware and web/URL filtering in addition to cloud- based SonicWall Capture multi-engine sandboxing service to block zero-day threats at the gateway. Unlike other security products that cannot inspect large files for hidden threats, NSA firewalls scan files of any size across all ports and protocols. The security architecture in SonicWall NGFWs has been validated as one of the industrys best for security effectiveness by NSS Labs for five consecutive years.Further, SonicWall NGFWs provide complete protection by performing full decryption and inspection of TLS/SSL and SSH encrypted connections as well as non-proxyable applications regardless of transport or protocol. The firewall looks deep inside every packet (the header and data) searching for protocol non-compliance, threats, zero-days, intrusions, and even defined criteria to detect and prevent hidden attacks that leverage cryptography, block encrypted malware downloads, cease the spread of infections, and thwart command and control (C&C) communications and data exfiltration. Inclusion and exclusion rules allow total control to customize which traffic is subjected to decryption and inspection based on specific organizational compliance and/or legal requirements. Learn More

SonicWall NSsp 10700 Network Security/Firewall Appliance - Intrusion Prevention - 20 Port - 10/100/1000Base-T, 10GBase-T, 40GBase-X, 100GBase-X - 100 Gigabit Ethernet - 5.25 GB/s Firewall Throughput - DES, 3DES, AES (128-bit), AES (192-bit), AES (256-bit), MD5, SHA-1, SHA-256, SHA-384, SHA-512 - 20 x RJ-45 - 14 Total Expansion Slots - 3 Year Advanced Edition USG - 1U - Rack-mountable Learn More

SonicWall NSsp 10700 Network Security/Firewall Appliance - Intrusion Prevention - 20 Port - 10/100/1000Base-T, 10GBase-T, 40GBase-X, 100GBase-X - 100 Gigabit Ethernet - 5.25 GB/s Firewall Throughput - DES, 3DES, AES (128-bit), AES (192-bit), AES (256-bit), MD5, SHA-1, SHA-256, SHA-384, SHA-512 - 20 x RJ-45 - 14 Total Expansion Slots - 5 Year Advanced Edition USG - 1U - Rack-mountable Learn More

SonicWall NSsp 10700 Network Security/Firewall Appliance - Intrusion Prevention - 20 Port - 10/100/1000Base-T, 10GBase-T, 40GBase-X, 100GBase-X - 100 Gigabit Ethernet - 5.25 GB/s Firewall Throughput - DES, 3DES, AES (128-bit), AES (192-bit), AES (256-bit), MD5, SHA-1, SHA-256, SHA-384, SHA-512 - 20 x RJ-45 - 14 Total Expansion Slots - 1 Year Essential Edition USG - 1U - Rack-mountable Learn More

SonicWall NSsp 10700 Network Security/Firewall Appliance - Intrusion Prevention - 20 Port - 10/100/1000Base-T, 10GBase-T, 40GBase-X, 100GBase-X - 100 Gigabit Ethernet - 5.25 GB/s Firewall Throughput - DES, 3DES, AES (128-bit), AES (192-bit), AES (256-bit), MD5, SHA-1, SHA-256, SHA-384, SHA-512 - 20 x RJ-45 - 14 Total Expansion Slots - 3 Year Total Secure Essential Edition USG - 1U - Rack-mountable Learn More

SonicWall NSsp 10700 Network Security/Firewall Appliance - Intrusion Prevention - 20 Port - 10/100/1000Base-T, 10GBase-T, 40GBase-X, 100GBase-X - 100 Gigabit Ethernet - 5.25 GB/s Firewall Throughput - DES, 3DES, AES (128-bit), AES (192-bit), AES (256-bit), MD5, SHA-1, SHA-256, SHA-384, SHA-512 - 20 x RJ-45 - 14 Total Expansion Slots - 5 Year Total Secure Essential Edition USG - 1U - Rack-mountable Learn More

SonicWall NSsp 11700 Network Security/Firewall Appliance - Intrusion Prevention - 20 Port - 10/100/1000Base-T, 10GBase-T, 40GBase-X, 100GBase-X - 100 Gigabit Ethernet - 5.88 GB/s Firewall Throughput - DES, 3DES, AES (128-bit), AES (192-bit), AES (256-bit), MD5, SHA-1, SHA-256, SHA-384, SHA-512 - 20 x RJ-45 - 14 Total Expansion Slots - 1U - Rack-mountable Learn More