Description
Overview:
The latest SonicWall TZ series, are the first desktop form factor nextgeneration firewalls (NGFW) with 10 or 5 Gigabit Ethernet interfaces. The series consist of a wide range of products to suit a variety of use cases.
Designed for small, mid-sized organizations and distributed enterprise with SD-Branch locations, the 7th generation (Gen 7) TZ series delivers industry-validated security effectiveness with best-in-class priceperformance. These NGFWs address the growing trends in web encryption, connected devices and high-speed mobility by delivering a solution that meets the need for automated, realtime breach detection and prevention.
The Gen 7 TZ series are highly scalable, with high port density of up to 10 ports. It features both inbuilt and an expandable storage of up to 256GB, that enables various features including logging, reporting, caching, firmware backup and more. An optional second power supply provides added redundancy in case of failure on select models.
Deployment of Gen 7 TZs are further simplified by Zero-Touch Deployment, with the ability to simultaneously roll out these devices across multiple locations with minimal IT support. Built on next-gen hardware, it integrates firewalling, switching and wireless capabilities, plus provides single-pane-of-glass management for SonicWall Switches and SonicWave Access Points. It allows tight integration with Capture Client for seamless endpoint security.
Highlights
- 10/5/2.5/1 GbE interfaces in a desktop form factor
- SD-Branch ready
- Secure SD-WAN capability
- SonicExpress App onboarding
- Zero-Touch Deployment
- Single-pane-of-glass-management through cloud or firewall
- SonicWall Switch, SonicWave Access Point and Capture Client integration
- Built-in and expandable storage
- Redundant power
- High port density
- Cellular failover
- SonicOS 7.0
- TLS 1.3 support
- Groundbreaking performance
- High connection count
- Fast DPI performance
- Low TCO
Firewall General | TZ270 SERIES | TZ370 SERIES | TZ470 SERIES | TZ570 SERIES | TZ670 SERIES | |||
---|---|---|---|---|---|---|---|---|
Operating system | SonicOS 7.0 | |||||||
Interfaces | 8x1GbE, 2 USB 3.0, 1 Console | 8x1GbE, 2 USB 3.0, 1 Console | 8x1GbE, 2×2.5G SFP+, 2 USB 3.0, 1 Console | 8x1GbE, 2x5G SFP+, 2 USB 3.0, 1 Console | 8x1GbE, 2x10G SFP+, 2 USB 3.0, 1 Console | |||
Wireless support | 2×2 802.11ac Wave 2 (TZ270W) |
2×2 802.11ac Wave 2 (TZ370W) |
2×2 802.11ac Wave 2 (TZ470W) |
2×2 802.11ac Wave 2 (TZ570W) |
N/A | |||
Power over Ethernet (PoE) support | N/A | N/A | N/A | 5 PoE or 3PoE+ (TZ570P) | N/A | |||
Storage Expansion slot | Optional up to 256GB | Optional up to 256GB, 32GB included | ||||||
Management | Network Security Manager, CLI, SSH, Web UI, GMS, REST APIs | |||||||
Redundant power supply | N/A | N/A | N/A | Yes | Yes | |||
Single Sign-On (SSO) Users | 1,000 | 1,000 | 2,500 | 2,500 | 2,500 | |||
VLAN interfaces | 64 | 128 | 128 | 256 | 256 | |||
Access points supported (maximum) | 16 | 16 | 32 | 32 | 32 | |||
Firewall/VPN Performance | TZ270 SERIES | TZ370 SERIES | TZ470 SERIES | TZ570 SERIES | TZ670 SERIES | |||
Firewall inspection throughput1 | 2 Gbps | 3 Gbps | 3.5 Gbps | 4 Gbps | 5 Gbps | |||
Threat Prevention throughput2 | 750 Mbps | 1 Gbps | 1.5 Gbps | 2 Gbps | 2.5 Gbps | |||
Application inspection throughput2 | 1 Gbps | 1.5 Gbps | 2 Gbps | 2.5 Gbps | 3 Gbps | |||
IPS throughput2 | 1 Gbps | 1.5 Gbps | 2 Gbps | 2.5 Gbps | 3 Gbps | |||
Anti-malware inspection throughput2 | 750 Mbps | 1 Gbps | 1.5 Gbps | 2 Gbps | 2.5 Gbps | |||
TLS/SSL inspection and decryption throughput (DPI SSL)2 | 300 Mbps | 500 Mbps | 600 Mbps | 750 Mbps | 800 Mbps | |||
IPSec VPN throughput3 | 750 Mbps | 1.38 Gbps | 1.5 Gbps | 1.8 Gbps | 2.1 Gbps | |||
Connections per second | 6,000 | 9,000 | 12,000 | 16,000 | 25,000 | |||
Maximum connections (SPI) | 750,000 | 900,000 | 1,000,000 | 1,250,000 | 1,500,000 | |||
Maximum connections (DPI) | 150,000 | 200,000 | 550,000 | 400,000 | 500,000 | |||
Maximum connections (DPI SSL) | 25,000 | 30,000 | 35,000 | 50,000 | 75,000 | |||
VPN | TZ270 SERIES | TZ370 SERIES | TZ470 SERIES | TZ570 SERIES | TZ670 SERIES | |||
Site-to-site VPN tunnels | 50 | 100 | 150 | 200 | 250 | |||
IPSec VPN clients (maximum) | 5 (200) | 5 (200) | 5 (200) | 10 (500) | 10 (500) | |||
SSL VPN licenses (maximum) | 1 (50) | 2 (100) | 2 (150) | 2 (200) | 2 (250) | |||
Encryption/authentication | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B Cryptography | |||||||
Key exchange | Diffie Hellman Groups 1, 2, 5, 14v | |||||||
Route-based VPN | RIP, OSPF, BGP | |||||||
Certificate support | Verisign, Thawte, Cybertrust, RSA Keon, Entrust and Microsoft CA for SonicWall-to- SonicWall VPN, SCEP | |||||||
VPN features | Dead Peer Detection, DHCP Over VPN, IPSec NAT Traversal, Redundant VPN Gateway, Route-based VPN | |||||||
Global VPN client platforms supported | Microsoft® Windows 10 | |||||||
NetExtender | Microsoft Windows 10, Linux | |||||||
Mobile Connect | Apple® iOS, Mac OS X, Google® Android™, Kindle Fire, Chrome OS, Windows 10 | |||||||
Security Services | TZ270 SERIES | TZ370 SERIES | TZ470 SERIES | TZ570 SERIES | TZ670 SERIES | |||
Deep Packet Inspection services | Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, DPI SSL | |||||||
Content Filtering Service (CFS) | HTTP URL, HTTPS IP, keyword and content scanning, Comprehensive filtering based on file types such as ActiveX, Java, Cookies for privacy, allow/forbid lists | |||||||
Comprehensive Anti-Spam Service | Yes | |||||||
Application Visualization | Yes | |||||||
Application Control | Yes | |||||||
Capture Advanced Threat Protection | Yes | |||||||
Networking | TZ270 SERIES | TZ370 SERIES | TZ470 SERIES | TZ570 SERIES | TZ670 SERIES | |||
IP address assignment | Static (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP relay | |||||||
NAT modes | 1:1, 1:many, many:1, many:many, flexible NAT (overlapping IPs), PAT, transparent mode | |||||||
Routing protocols4 | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | |||||||
QoS | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1e (WMM) | |||||||
Authentication | LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC) | |||||||
Local user database | 150 | 250 | 250 | 250 | 250 | |||
VoIP | Full H.323v1-5, SIP | |||||||
Standards | TCP/IP, UDP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3 | |||||||
Certifications | Granted: FIPS 140-2 Level 2 (with Suite B), IPv6/USGv6, ICSA Network Firewall, ICSA Firewall Enterprise, ISCA Network Antivirus / AntiMalware Pending: Common Criteria NDPP (with VPN and IPS), DoDIN, CSfC |
|||||||
High availability | Active/Standby with stateful synchronization | |||||||
Hardware | TZ270 SERIES | TZ370 SERIES | TZ470 SERIES | TZ570 SERIES | TZ670 SERIES | |||
Form factor | Desktop4 | |||||||
Power supply | 36W external | 36W external | 36W external | 60W external (TZ570/570W), 180W external (TZ570P only) |
60W external | |||
Maximum power consumption (W) | 16.84 (TZ270), 18.91 (TZ270W) |
16.84 (TZ370), 18.91 (TZ370W) |
19.95 (TZ470), 21.98 (TZ470W) |
13.4 (TZ570), 15.3 (TZ570W), 108.75 (TZ570P) |
13.1 | |||
Input power | 100-240 VAC, 50-60 Hz, 3A |
100-240 VAC, 50-60 Hz, 3A |
100-240 VAC, 50-60 Hz, 3A |
100-240 VAC, 50-60 Hz |
100-240 VAC, 50-60 Hz |
|||
Total heat dissipation (BTU) | 57.42 (TZ270), 64.48 (TZ270W) |
57.42 (TZ270), 64.48 (TZ270W) |
68.03 (TZ470), 74.95 (TZ470W) |
44.7 (TZ570), 52.17 (TZ570W), 370.84 (TZ570P) |
55.1 | |||
Dimensions | 3.5×13.5×19 (cm) 1.8×5.3×7.5 (in) |
3.5×13.5×19 (cm) 1.8×5.3×7.5 (in) |
3.5×13.5×19 (cm) 1.8×5.3×7.5 (in) |
3.5x15x22.5 (cm) 1.38×5.91×8.85 in |
3.5x15x22.5 (cm) 1.38×5.91x 8.85 in |
|||
Weight | 0.82 kg / 1.81 lbs (TZ270), 0.85 kg / 1.87 lbs (TZ270W) |
0.82 kg / 1.81 lbs (TZ370), 0.85 kg / 1.87 lbs (TZ370W) |
0.83 kg / 1.82 lbs (TZ470), 0.87 kg / 1.92 lbs (TZ470W) |
0.97 kg / 2.14 lbs (TZ570), 0.99 kg / 2.18 lbs (TZ570W), 1.05 kg / 2.31 lbs (TZ570P) |
0.97 kg / 2.14 lbs | |||
WEEE weight | 1.18 kg / 2.6 lbs (TZ270), 1.24 kg / 2.73 lbs (TZ270W) |
1.18 kg / 2.6 lbs (TZ370), 1.24 kg / 2.73 lbs (TZ370W) |
1.24 kg / 2.73 lbs (TZ470), 1.27 kg / 2.8 lbs (TZ470W) |
1.42 kg / 3.13 lbs (TZ570), 1.47 kg / 3.24 lbs (TZ570W), 1.57 kg / 3.46 lbs (TZ570P) |
1.42 kg / 3.13 lbs | |||
Shipping weight | 1.41 kg / 3.11 lbs (TZ270), 1.47 kg / 3.25 lbs (TZ270W) |
1.41 kg / 3.11 lbs (TZ370), 1.47 kg / 3.25 lbs (TZ370W) |
1.43 kg / 3.15 lbs (TZ470), 1.51 kg / 3.33 lbs (TZ470W) |
1.93 kg / 4.25 lbs (TZ570), 1.98 kg / 4.36 lbs (TZ570W), 2.08 kg / 4.58 lbs (TZ570P) |
1.93 kg / 4.25 lbs | |||
MTBF (in years) | 51.1 (TZ270), 27.1 (TZ270W) |
51.1 (TZ370), 27.1 (TZ370W) |
46 (TZ470), 24.1 (TZ470W) |
26.1 (TZ570), 23.3 (TZ570W), 31.7 (TZ570P) |
43.9 | |||
Environment (Operating/Storage) | 32°-105° F (0°-40° C) / -40° to 158° F (-40° to 70° C) | |||||||
Humidity | 5-95% non-condensing | |||||||
Regulatory | TZ270 SERIES | TZ370 SERIES | TZ470 SERIES | TZ570 SERIES | TZ670 SERIES | |||
Major regulatory compliance (wired models) | FCC Class B, ICES Class B, CE (EMC, LVD, RoHS), C-Tick, VCCI Class B, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE, REACH, BSMI, KCC/MSIP, ANATEL | FCC Class B, ICES Class B, CE (EMC, LVD, RoHS), C-Tick, VCCI Class B, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE, REACH, BSMI, KCC MSIP, ANATEL | FCC Class B, ICES Class B, CE (EMC, LVD, RoHS), C-Tick, VCCI Class B, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE, REACH, BSMI, KCC/MSIP, ANATEL | FCC Class B, FCC, ICES Class B, CE (EMC, LVD, RoHS), C-Tick, VCCI Class B, UL/cUL, TUV GS, CB, Mexico DGN notice by UL, WEEE, REACH, BSMI, KCC/ MSIP, ANATEL | FCC Class B, FCC, ICES Class B, CE (EMC, LVD, RoHS), C-Tick, VCCI Class B, UL/cUL, TUV/GS, CB, Mexico DGN notice by UL, WEEE, REACH, BSMI, KCC/ MSIP, ANATEL | |||
Major regulatory compliance (wireless models) | FCC Class B, FCC RF ICES Class B, IC RF CE (R&TTE, EMC, LVD, RoHS), RCM, VCCI Class B, MIC/TELEC, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE, REACH, ANATEL | FCC Class B, FCC RF ICES Class B, IC RF CE (R&TTE, EMC, LVD, RoHS), RCM, VCCI Class B, MIC/ TELEC, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE, REACH, ANATEL | FCC Class B, FCC RF ICES Class B, IC RF CE (R&TTE, EMC, LVD, RoHS), RCM, VCCI Class B, MIC/TELEC, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE, REACH, ANATEL | FCC Class B, FCC P15C, FCC P15E, ICES Class B, ISED/ IC, CE (RED, RoHS), C-Tick, VCCI Class B, Japan Wireless, UL/cUL, TUV GS, CB, Mexico DGN notice by UL, WEEE, REACH, BSMI, NCC (TW) KCC/MSIP, SRRC, ANATEL | N/A | |||
Major regulatory compliance (PoE models) | N/A | N/A | N/A | FCC Class A, ICES Class A, CE (EMC, LVD, RoHS), C-Tick, VCCI Class A, UL/ cUL, TUV/ GS, CB, Mexico DGN notice by UL, WEEE, REACH, BSMI, KCC/ MSIP, ANATEL | N/A | |||
Integrated Wireless5 | (TZ270W / 370W/ 470W / 570W ONLY) | |||||||
Standards | 802.11a/b/g/n/ac Wave 2, WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS | |||||||
Frequency bands | 802.11a: 5.180-5.825 GHz; 802.11b/g: 2.412-2.472 GHz; 802.11n: 2.412-2.472 GHz, 5.180-5.825 GHz; 802.11ac: 5.180-5.825 GHz | |||||||
Operating channels | 802.11a: US and Canada 12, Europe 11, Japan 4, Singapore4, Taiwan 4; 802.11b/g: US and Canada 1-11, Europe 1-13, Japan (14-802.11b only); 802.11n (2.4 GHz): US and Canada 1-11, Europe 1-13, Japan 1-13; 802.11n (5 GHz): US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64; 802.11ac: US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64 | |||||||
Transmit output power | Based on the regulatory domain specified by the system administrator | |||||||
Transmit power control | Yes | |||||||
Data rates supported | 802.11a: 6, 9, 12, 18, 24, 36, 48, 54 Mbps per channel; 802.11b: 1, 2, 5.5, 11 Mbps per channel; 802.11g: 6, 9, 12, 18, 24, 36, 48, 54 Mbps per channel; 802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 15, 30, 45, 60, 90, 120, 135, 150 Mbps per channel; 802.11ac: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 86.7, 96.3, 15, 30, 45, 60, 90, 120, 135, 150, 180, 200, 32.5, 65, 97.5, 130, 195, 260, 292.5, 325, 390, 433.3, 65, 130, 195, 260, 390, 520, 585, 650, 780, 866.7 Mbps per channel | |||||||
Modulation technology spectrum | 802.11a: Orthogonal Frequency Division Multiplexing (OFDM); 802.11b: Direct Sequence Spread Spectrum (DSSS); 802.11g: Orthogonal Frequency Division Multiplexing (OFDM)/Direct Sequence Spread Spectrum (DSSS); 802.11n: Orthogonal Frequency Division Multiplexing (OFDM); 802.11ac: Orthogonal Frequency Division Multiplexing (OFDM) |
Small to Medium size Business
- Save space and money with an integrated gateway security solution with firewalling, switching and wireless capabilities
- Reduce complexity and get the business running without relying on IT personnel with easy onboarding using SonicExpress App and Zero-Touch Deployment, and easy management through a single pane of glass
- Attain business continuity by providing failover to cellular connectivity
- Protect network from attacks with a comprehensive security solution that incorporates VPN, IPS, CFS, AV and much more
- Leverage high port density to power on multiple PoE devices such as IP phones and IP cameras with TZ570P
- Boost employee productivity by blocking unauthorized access with traffic segmentation and access policies
Distributed Enterprise with SD-Branches
- Enhance customer experience and adapt to the changing business needs by enabling next-gen branch connectivity with SD-Branch
- Drive business growth by investing in next-gen appliances with multi-gigabit and advanced security features, to future-proof against the changing network and security landscape
- Secure networks from the most advanced attacks with advanced security features and automatically block threats on decrypted traffic using protocols such as TLS 1.3
- Leverage end-to-end network security with seamless integration of SonicWave access points, SonicWall Switches and Capture Client
- Ensure seamless communication as stores talk to HQ via easy VPN connectivity which allows IT administrators to create a hub and spoke configuration for the safe transport of data between all locations
- Improve business efficiency, performance and reduce costs by leveraging Gen 7 TZ’s hardware and software enhancements, plus features such SD-WAN technology
- Scale quickly and effortlessly with SonicExpress App and Zero-Touch Deployment
- Ensure business continuity by providing failover to cellular connectivity
- Maintain compliance with security features, and leverage built-in and expandable storage to store logs for audit purposes