NSv 10 | NSv 25 | NSv 50 | NSv 100 | NSv 200 | NSv 300 | NSv 400 | NSv 800 | NSv 1600 | |
---|---|---|---|---|---|---|---|---|---|
Firewall General | |||||||||
Operating system | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 |
Supported Hypervisors | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 |
Supported Public Cloud Platforms (Instance Type) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | N/A | AWS (c5.xlarge), Azure (Std D3 v2) | AWS (c5.2xlarge), Azure (Std D4 v2) | AWS (c5.4xlarge), Azure (Std D5 v2) |
Licensing | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 |
Max Supported vCPUs | 2 | 2 | 2 | 2 | 2 | 3 | 4 | 8 | 16 |
Interface Count (ESXi/Hyper-V/KVM/AWS/Azure) | 8/8/8 | 8/8/8 | 8/8/8 | 8/8/8 | 8/8/8/2/2 | 8/8/8/-/- | 8/8/8/4/4 | 8/8/8/8/8 | 8/8/8/8/8 |
Max Mgmt/DataPlane Cores | 1/1 | 1/1 | 1/1 | 1/1 | 1/1 | 1/2 | 1/3 | 1/7 | 1/15 |
Min Memory3 | 4 GB | 4 GB | 4 GB | 4 GB | 6 GB | 6 GB | 8 GB | 10 GB | 12 GB |
Max Memory4 | 6 GB | 6 GB | 6 GB | 6 GB | 6 GB | 8 GB | 10 GB | 14 GB | 18 GB |
Supported IP/Nodes | 10 | 25 | 50 | 100 | Unlimited | Unlimited | Unlimited | Unlimited | Unlimited |
Minimum Storage | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB |
SSO users | 25 | 50 | 100 | 100 | 500 | 5000 | 10000 | 15000 | 20000 |
Logging | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog |
High availability | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 |
Firewall/VPN Performance6 | |||||||||
Firewall Inspection Throughput | 2 Gbps | 2.5 Gbps | 3 Gbps | 3.5 Gbps | 4.1 Gbps | 5.9 Gbps | 7.8 Gbps | 13.9 Gbps | 17.2 Gbps |
Full DPI Throughput (GAV/GAS/IPS) | 450 Mbps | 550 Mbps | 650 Mbps | 750 Mbps | 900 Mbps | 1.6 Gbps | 2.2 Gbps | 4.0 Gbps | 6.4 Gbps |
Application Inspection Throughput | 1 Gbps | 1.25 Gbps | 1.5 Gbps | 1.75 Gbps | 2.3 Gbps | 3.4 Gbps | 4.1 Gbps | 5.5 Gbps | 6.4 Gbps |
IPS Throughput | 1 Gbps | 1.25 Gbps | 1.5 Gbps | 1.75 Gbps | 2.3 Gbps | 3.4 Gbps | 4.1 Gbps | 5.5 Gbps | 6.7 Gbps |
Anti-Malware Inspection Throughput | 450 Mbps | 550 Mbps | 650 Mbps | 750 Mbps | 900 Mbps | 1.6 Gbps | 2.2 Gbps | 4.0 Gbps | 6.6 Gbps |
IMIX Throughput | 750 Mbps | 850 Mbps | 950 Mbps | 1100 Mbps | 1.5 Gbps | 2.3 Gbps | 2.8 Gbps | 4.2 Gbps | 5.3 Gbps |
TLS/SSL DPI Throughput | 650 Mbps | 750 Mbps | 850 Mbps | 950 Mbps | 1.1 Gbps | 1.2 Gbps | 1.8 Gbps | 3.4 Gbps | 5.1 Gbps |
VPN Throughput | 500 Mbps | 550 Mbps | 600 Mbps | 650 Mbps | 750 Mbps | 1.4 Gbps | 1.9 Gbps | 4.2 Gbps | 8.4 Gbps |
Connections per second | 1800 | 5000 | 8000 | 10000 | 13760 | 24360 | 37270 | 75640 | 125000 |
Maximum connections (SPI) | 2500 | 6250 | 12500 | 25000 | 225000 | 1M | 1.5M | 3M | 4M |
Maximum connections (DPI) | 2500 | 6250 | 12500 | 25000 | 125000 | 500000 | 1.5M | 2M | 2.5M |
TLS/SSL DPI Connections | 500 | 1000 | 2000 | 4000 | 8000 | 12000 | 20000 | 30000 | 50000 |
VPN | |||||||||
Site-to-Site VPN Tunnels | 10 | 10 | 25 | 50 | 75 | 100 | 6000 | 10000 | 25000 |
IPSec VPN clients (max) | 10 | 10 | 25 | 25 | 50(1000) | 50(1000) | 2000(4000) | 2000(6000) | 2000(10,000) |
SSL VPN Clients Included | 2 | 2 | 2 | 2 | 2 | 2 | 2 | 2 | 2 |
SSL VPN Clients Maximum | 50 | 50 | 50 | 50 | 100 | 150 | 200 | 300 | 400 |
Encryption/authentication | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) |
Key exchange | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v |
Route-based VPN | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP |
Networking | |||||||||
IP address assignment | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay |
NAT modes | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT |
Max VLAN 7 interfaces | 25 | 25 | 50 | 50 | 128 | 128 | 128 | 128 | 128 |
Routing protocols | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing |
QoS | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p |
Authentication | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix |
VoIP | SIP | SIP | SIP | SIP | SIP | SIP | SIP | SIP | SIP |
Standards | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS |
Max SD-WAN groups | 12 | 12 | 18 | 32 | 38 | 38 | 70 | 102 | 102 |
Max SD-WAN members per product | 24 | 24 | 36 | 64 | 76 | 76 | 140 | 204 | 204 |
(1) Mémoire avec la trame Jumbo désactivée.
(2) Mémoire avec la trame Jumbo activée. Une mémoire supplémentaire est requise pour les trames Jumbo activées.
(3) Haute disponibilité sur la plateforme VMware ESXi.
(4) Les valeurs de performances publiées sont conformes aux spécifications et les performances réelles peuvent varier en fonction du matériel sous-jacent, des conditions réseau, de la configuration du pare-feu et des services activés. Les performances et les fonctionnalités peuvent également varier en fonction de l’infrastructure de virtualisation sous-jacente, et nous vous recommandons d’effectuer des tests supplémentaires dans votre environnement pour vous assurer que vos besoins en termes de performances et de fonctionnalités sont satisfaits. Des indicateurs de performance ont été mesurés avec le processeur Intel Xeon W (W-2195 2.3GHz, 4.3GHz Turbo, 24.75M Cache) sous SonicOSv 6.5.0.2 avec VMware vSphere 6.5.
Procédures pour les tests :
Meilleures performances avec RFC 2544 (pour pare-feu).
Débit DPI/Passerelle AV/Anti-spyware/IPS entier mesuré à l’aide des tests de performance WebAvalanche HTTP standard dans l’industrie et des outils de test Ixia.
Tests effectués avec de multiples flux à travers plusieurs paires de ports.
Débit VPN mesuré en utilisant le trafic UDP à une taille de paquet de 1418 octets conforme à RFC 2544. Toutes les spécifications et fonctionnalités sont sujettes à modification.