Description
Overview:
Defeating advanced threats requires an advanced firewall solution built for the needs of your business. The SonicWall Network Security appliance (NSa) Mid-Range Firewall is next-generation security designed specifically for businesses of 250 users and up. Work with the confidence of knowing you’re protected against the day-to-day incursions as well as against advanced threats like ransomware, attacks against non-standard ports, and breaches in firewalls, all at the speed of business.
With cloud-based and on-box capabilities like TLS/SSL decryption and inspection, application intelligence and control, secure SD-WAN, real-time visualization, and WLAN management, SonicWall provides flexible, fast and cost-effective security to keep the threats out and your business thriving.
The SonicWall Network Security Appliance (NSa) 2700 nextgeneration firewall (NGFW) offers medium- to large-sized enterprises industry-leading performance at the lowest total cost of ownership in its class.
With comprehensive security features such as intrusion prevention, VPN, application control, malware analysis, URL filtering and IP reputation services, it protects the perimeter from advanced threats without becoming a bottleneck.
The NSa 2700 has been built from the ground up with the latest hardware components, all designed to deliver multi-gigabit threat prevention throughput — even for encrypted traffic. Featuring a high port density (including 16 x 1GbE ports and three x 10 GbE ports), the solution supports network and hardware redundancy with high availability, clustering and dual power supplies.
Generation 7 – SonicOS 7.0 and Security Services
The SonicWall NSa 2700 runs on SonicOS 7.0, a new operating system built from the ground up to deliver a modern user interface, intuitive workflows and user-first design principles. SonicOS 7.0 provides multiple features designed to facilitate enterprise-level workflows. It offers easy policy configuration, zero-touch deployment and flexible management — all of which allow enterprises to improve both their security and operational efficiency.
The NSa 2700 supports advanced networking features, such as SD-WAN, dynamic routing, layer 4-7 clustering and high-speed VPN functionality. In addition to integrating firewall and switch capabilities, the appliance provides a single-paneof-glass interface to manage both switches and access points.
Built to mitigate the advanced cyberattacks of today and tomorrow, the NSa 2700 offers access to SonicWall’s premier advanced firewall security services, allowing you to protect your entire security infrastructure. Solutions and services such as Cloud Application Security, Capture Advanced Threat Protection (ATP) cloud-based sandboxing, Real-Time Deep Memory Inspection (RTDMI™) and Reassembly-Free Deep Packet Inspection (RFDPI) — along with Deep Packet Inspection (DPI) for all traffic including TLS 1.3 — offer comprehensive gateway protection from most stealthy and dangerous malware, including zeroday and encrypted threats.
Highlights
- 1 RU – Form Factor
- 16 x 1 GbE interfaces
- 3 x 10 GbE interfaces
- 2 Gbps Threat and Malware Analysis Throughput
- Enterprise Internet Edge Ready
- Latest Generation 7 SonicOS support
- Secure SD-WAN capability
- Intuitive single pane of glass management
- TLS 1.3 support
- Best-in-class price-performance
- Fast DPI performance
- Low TCO in its class
- High port density for easy networking
- SonicWall Switch, SonicWave Access Point and Capture Client integration
- Redundant power
Features:
- Blocks More Attacks with RTDMI™ – Real-Time Deep Memory Inspection (RTDMI™) proactively detects and blocks unknown malware via deep memory inspection in real time, a revolutionary approach to defend against zero-day and side-channel attacks and other unrecognized threats.
- Secure Remote Workers – SonicWall NetExtender provides an intuitive SSL-VPN connection client that’s easy to deploy and configure. Easily provide your remote workers with secure access to your corporate network from Linux, Mac and Windows devices.
- Secure SD-WAN Technology – Leave MPLS behind for a more agile, more secure and more cost-effective network optimized for today’s broadband-driven, cloud-infused landscape. Secure SD-WAN technology is built in to NSa firewalls, so there’s no need to purchase additional SD-WAN appliances and licenses.
- Built-in Wireless Controller – Implement high-speed wireless security by combining a NSa series next-generation firewall with a SonicWall SonicWave wireless access point. NSa series firewalls and SonicWave access points both feature 2.5 GbE ports that enable multi-gigabit wireless throughput offered in Wave 2 wireless technology.
- Low Total Cost of Ownership – Make a SonicWall NSa firewall the start of enterprise savings. From reduced costs through zero-touch deployment to enabling SD-WAN and delivering NetSecOPEN-verified threat block rates on par or better than competitors at a fraction of the cost, SonicWall NSa firewalls are security you can’t afford to be without.
- Cloud-based & On-Premises Centralized Management – Gain greater visibility into your enterprise even as it becomes more complex on- and off-prem. Tightly integrated into the SonicWall ecosystem, bring your firewalls into a single-pane-of-glass management, licensing, reporting and analytics
- High Performance and Port Density – Deploy next generation firewalls that are designed for mid-size and distributed enterprises to deliver much needed multi-gigabit threat prevention performance while providing high port density including 10 GbE ports for flexible network connectivity
Small to Medium size Business
- Save space and money with an integrated gateway security solution with firewalling, switching and wireless capabilities
- Reduce complexity and get the business running without relying on IT personnel with easy onboarding using SonicExpress App and Zero-Touch Deployment, and easy management through a single pane of glass
- Attain business continuity by providing failover to cellular connectivity
- Protect network from attacks with a comprehensive security solution that incorporates VPN, IPS, CFS, AV and much more
- Leverage high port density to power on multiple PoE devices such as IP phones and IP cameras with TZ570P
- Boost employee productivity by blocking unauthorized access with traffic segmentation and access policies
Distributed Enterprise with SD-Branches
- Enhance customer experience and adapt to the changing business needs by enabling next-gen branch connectivity with SD-Branch
- Drive business growth by investing in next-gen appliances with multi-gigabit and advanced security features, to future-proof against the changing network and security landscape
- Secure networks from the most advanced attacks with advanced security features and automatically block threats on decrypted traffic using protocols such as TLS 1.3
- Leverage end-to-end network security with seamless integration of SonicWave access points, SonicWall Switches and Capture Client
- Ensure seamless communication as stores talk to HQ via easy VPN connectivity which allows IT administrators to create a hub and spoke configuration for the safe transport of data between all locations
- Improve business efficiency, performance and reduce costs by leveraging Gen 7 TZ’s hardware and software enhancements, plus features such SD-WAN technology
- Scale quickly and effortlessly with SonicExpress App and Zero-Touch Deployment
- Ensure business continuity by providing failover to cellular connectivity
- Maintain compliance with security features, and leverage built-in and expandable storage to store logs for audit purposes
Features
FIREWALL GENERAL | NSA2700 SERIES |
---|---|
Operating system | SonicOS 7.0 |
Interfaces | 16x1GbE, 3x10G SFP+, 2 USB 3.0, 1 Console, 1 Management port |
Storage | 64GB M.2 |
Expansion | Storage Expansion Slot (Up to 256GB) |
VLAN interfaces | 256 |
Access points supported (maximum) | 32 |
FIREWALL/VPN PERFORMANCE | NSA2700 |
Firewall inspection throughput1 | 5.5 Gbps |
Threat Prevention throughput2 | 3.0 Gbps |
Application inspection throughput2 | 3.6 Gbps |
IPS throughput2 | 3.4 Gbps |
Anti-malware inspection throughput2 | 2.9 Gbps |
TLS/SSL inspection and decryption throughput (DPI SSL)2 | 800 Mbps |
IPSec VPN throughput3 | 2.10 Gbps |
Connections per second | 21,500 |
Maximum connections (DPI) | 500,000 |
VPN | NSA2700 |
Site-to-site VPN tunnels | 250 |
Encryption/authentication | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B Cryptography |
Key exchange | Diffie Hellman Groups 1, 2, 5, 14v |
Route-based VPN | RIP, OSPF, BGP |
VPN features | Dead Peer Detection, DHCP Over VPN, IPSec NAT Traversal, Redundant VPN Gateway, Route-based VPN |
Global VPN client platforms supported | Microsoft® Windows 10 |
NetExtender | Microsoft Windows 10, Linux |
Mobile Connect | Apple® iOS, Mac OS X, Google® Android™, Kindle Fire, Chrome OS, Windows 10 |
SECURITY SERVICES | NSa 2700 |
Deep Packet Inspection services | Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, DPI SSL |
Content Filtering Service (CFS) | HTTP URL, HTTPS IP, keyword and content scanning, Comprehensive filtering based on file types such as ActiveX, Java, Cookies for privacy, allow/forbid lists |
Comprehensive Anti-Spam Service | Supported |
Application Visualization | Yes |
Application Control | Yes |
Capture Advanced Threat Protection | Yes |
DNS Security | Yes |
NETWORKING | NSa 2700 |
IP address assignment | Static, (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP relay |
NAT modes | 1:1, 1:many, many:1, many:many, flexible NAT (overlapping IPs), PAT, transparent mode |
Routing protocols4 | BGP, OSPF, RIPv1/v2, static routes, policy-based routing |
QoS | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1e (WMM) |
Authentication | LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC) |
VoIP | Full H.323v1-5, SIP |
Standards | TCP/IP, UDP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3 |
Certifications | FIPS 140-2 (with Suite B) Level 2, IPv6 (Phase 2), ICSA Network Firewall, ICSA Anti-virus, Common Criteria NDPP (Firewall and IPS) |
HARDWARE | NSa 2700 |
Form factor | 1U Rack Mountable |
Power supply | 60W |
Maximum power consumption (W) | 21.5 |
Input power | 100-240 VAC, 50-60 Hz |
Total heat dissipation (BTU) | 73.32 BTU |
Dimensions | 43 x 32.5 x 4.5 (cm) 16.9 x 12.8 x 1.8 in |
Weight | 4.0 kg / 8.8 lbs |
WEEE weight | 4.2 kg / 9.3 lbs |
Shipping weight | 6.4 kg / 14.1 lbs |
Environment (Operating/Storage) | 32°-105° F (0°-40° C)/-40° to 158° F (-40° to 70° C) |
Humidity | 5-95% non-condensing |
REGULATORY | NSa 2700 |
Major regulatory compliance (wired models) | FCC Class B, FCC , ICES Class B, CE (EMC, LVD, RoHS), C-Tick, VCCI Class B, UL/cUL, TUV/ GS, CB, Mexico DGN notice by UL, WEEE, REACH, BSMI, KCC/MSIP, ANATEL |