Deep Packet Inspection Architecture
Anti-Virus
Every year, viruses become more sophisticated, and today have the ability to circle the entire globe in a matter of minutes. Many viral threats are blended, operating at multiple layers, and bypassing traditional client-based solutions. Viruses can come from multiple sources over many different protocols. SonicWALL Gateway Anti-Virus features a deep packet inspection engine that inspects all e-mail, Web, file transfer, and other stream-based protocols, as well as IM and P2P applications for total virus control.
And what's worse is that the nature of viral attacks has changed—today's attacks are much more dangerous and costly than ever before. SonicWALL analyzes files in real time, and includes proactive alerts that notify administrators whenever a threat is detected. SonicWALL can even inspect unlimited sized and compressed files. Virus-ridden files that are large or have been compressed slip through other solutions, presenting an enormous risk. Day-zero attacks are also prevented with SonicWALL's dynamically-updated databases and extensive list of virus and malware signatures.
Anti-Spyware
Spyware is more than just hidden software that serves ads—it’s the cause of half of all operating system crashes, and a quarter of all support calls. Spyware can work behind the scenes, secretly gathering information such as browsing habits, data entered into forms, and even individual keystrokes, and send it all to an unknown host that can use that information for account theft and other crimes. Because spyware can come in so many different forms and through everything from IM, P2P, and file sharing, to games and harmless-looking utility programs, it requires a distinct approach from standard anti-virus technology.
SonicWALL's anti-spyware technology blocks spyware at the gateway, preventing users from downloading spyware in the first place. In addition, it prevents auto-installation of ActiveX components, one of the most common sources of spyware; and stops any existing spyware programs from communicating with their hosts.
Intrusion Prevention Service
Many of the most dangerous threats function at the application layer, and exploit vulnerabilities in common network applications to drain your productivity and steal your data. Application-layer threats defy old-guard technology—but SonicWALL goes a step beyond by scanning for worms, Trojans, software vulnerabilities, backdoor exploits, and other types of malicious attacks.
Working in conjunction with anti-virus and anti-spyware technology, SonicWALL's powerful intrusion prevention engine protects against many different network-based application layer threats, and is unique in the ability to accommodate unlimited file sizes, and hundreds of thousands of concurrent downloads. You can also restrict access to applications that commonly function as conduits of malware, such as IM and P2P.
Application Firewall
SonicWALL Application Firewall is a set of granular, application specific policies that allow custom access controls based upon user, application, schedule or IP subnet level. Its comprehensive policy capabilities include restricting transfer of specific files and documents, blocking e-mail attachments using a user-configurable criteria, customized application control, bandwidth limiting for matched policies, and denying internal and external Web access based on various user-configurable options. Using Application Firewall, SonicWALL NSA solutions provide application level access control, data leakage control functionality, and the ability to create pure custom signatures—adding up to a future-proofed solution for enterprise network administrators.
Multi-layered Protection
Today's sophisticated threats call for a multi-layered approach to protection that starts right at the security gateway. Threats are unpredictable and constantly changing, and while client-based protection is essential, it’s not enough. SonicWALL Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention provides the first layer of dynamic security, protecting against external attacks as well as attacks that originate from within your own network.
