TZ500 Network Security Firewall

loading

SonicWALL TZ500

SonicWALL TZ500

A fast connection to your business, school, remote office or retail site is only half the story; you also need to be able to securely manage it. The TZ500 and TZ600 give you enterprise-grade protection to stop cyberattacks as you expand and control your network.

SonicWALL TZ500

SonicWALL TZ500

A fast connection to your business, school, remote office or retail site is only half the story; you also need to be able to securely manage it. The TZ500 and TZ600 give you enterprise-grade protection to stop cyberattacks as you expand and control your network.

SonicWALL TZ500

SonicWALL TZ500

A fast connection to your business, school, remote office or retail site is only half the story; you also need to be able to securely manage it. The TZ500 and TZ600 give you enterprise-grade protection to stop cyberattacks as you expand and control your network.

SonicWALL TZ500

SonicWALL TZ500

A fast connection to your business, school, remote office or retail site is only half the story; you also need to be able to securely manage it. The TZ500 and TZ600 give you enterprise-grade protection to stop cyberattacks as you expand and control your network.

Highly effective protection with network productivity for growing SMBs

The TZ500 offers a no-compromise approach to securing growing networks. For distributed enterprises with remote offices, all TZ Series firewalls can be managed locally through the intuitive GUI in SonicOS or at the central office using SonicWall GMS.

Features

A fast connection to your business, school, remote office or retail site is only half the story; you also need to be able to securely manage it. The TZ500 and TZ600 give you enterprise-grade protection to stop cyberattacks as you expand and control your network.

Full-featured, advanced security
Deliver full-featured security that combines multi-engine sandboxing, intrusion prevention, gateway anti-virus, anti-spyware, content filtering and anti-spam services, with intuitive, easy-to-use SonicWall™ TZ Series firewalls.
Fast, reliable, enhanced performance
Examine all traffic for threats, without slowing down your network, using the patented1 SonicWall Reassembly-Free Deep Packet Inspection (RFDPI) technology. The TZ Series firewalls also ensure bandwidth for critical business applications, while blocking unproductive applications.
Broad, flexible, remote access
Provide mobile users with native VPN remote access clients for Apple® iOS, Google® Android, Windows® 8.1, Mac OS® X, Kindle Fire and Linux, via your small-business firewall. This unique client also supports the firewall’s capability to decontaminate threats from VPN traffic.
Easy to deploy, all-in-one solution
Enjoy the convenience and affordability of deploying your TZ Series appliance as a SonicWall TotalSecure™ solution. This combines the hardware and all the services needed for comprehensive network protection from viruses, spyware, worms, Trojans, key loggers and more—before they enter your network—and without the complexity of building your own security package.
Wireless network security

Provide your employees, partners and customers with high-speed wireless access that’s secure and reliable. SonicWall wireless network security solutions tightly integrate high-performance 802.11ac wireless technology with our award-winning next-generation firewalls to create a secure wireless solution that protects wired and wireless traffic from evolving threats.

1 U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,361; 7,991,723

Services

Advanced Gateway Security Suite (AGSS)

Leverage SonicWall Advanced Gateway Security Suite (AGSS) to deliver a multi-engine sandbox, powerful anti‐virus, anti‐spyware, intrusion prevention, content filtering, as well as application intelligence and control services. An upgrade over CGSS, this package features Capture Advanced Threat Protection (ATP), a multi-engine sandbox that runs and inspects suspicious files, programs and code in an isolated cloud-based environment.

TotalSecure hardware & services bundle

Enjoy the convenience and affordability of deploying your firewall as a SonicWall TotalSecure™ solution. This combines the hardware and all the services needed for comprehensive network protection from viruses, spyware, worms, Trojans, key loggers and more—before they enter your network—and without the complexity of building your own security package.

Comprehensive Gateway Security Suite (CGSS)

Get the most from your UTM firewall, with the SonicWall™ Comprehensive Security Suite (CGSS) subscription. CGSS includes Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, Application Intelligence and Control Service, Content/URL Filtering and 24x7 Support. Combine security, productivity and support in a single solution with a low cost of ownership and greater ROI compared with buying each of the services individually.

Gateway security services

Enable your small business firewall appliance to provide real-time network threat prevention with SonicWall Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, and Application Intelligence and Control. Block the latest blended threats, including viruses, spyware, worms, Trojans, software vulnerabilities and other malicious code. Also, guarantee bandwidth prioritization and ensure maximum network security and productivity, with the granular control and real-time visualization with Application Intelligence and Control.

Capture Advanced Threat Protection

The cloud-based SonicWall Capture Advanced Threat Protection Service scans a broad range of files to detect advanced threats, analyzes them in a multi-engine sandbox, blocks them prior to a security verdict, and rapidly deploys remediation signatures. The result is higher security effectiveness, faster response times and a lower total cost of ownership.

Content filtering services

Gain a cost-effective, easy-to-manage way to enforce protection and productivity policies, and block inappropriate, unproductive and dangerous web content in educational, business or government environments. SonicWall Content Filtering Service lets you control access to websites based on rating, IP address, URL and more. You get the ideal combination of control and flexibility to ensure the highest levels of protection and productivity which you can configure and control from your small business firewall appliance, eliminating the need for a costly, dedicated filtering solution. Extend enforcement of your internal policies to laptops located outside the firewall perimeter by blocking unwanted internet content with the Content Filtering Client.

Content Filtering Client

Extend the enforcement of web policies in IT-issued devices outside the network perimeter. Although it doesn’t require a firewall, it can be optionally coupled with SonicWall Content Filtering Service as an ideal combination to keep students and employees off of dangerous or non-productive websites by switching to cloud-enforced policies even when they are using roaming devices.

Support Services

Keep your security infrastructure current, but also to react swiftly to any problem that may occur. If you need advanced technical support and additional benefits of ongoing software and firmware updates, SonicWall Support 24x7 gives you an around-the clock service that includes:

  • Telephone and Web-based support 24x7
  • Direct access to a team of highly trained senior support engineers
  • Advance exchange hardware replacement in the event of failure
  • Access to SonicWall electronic support tools

Enforced Client Anti-Virus & Anti-Spyware Software

Execute an innovative, multi-layered anti-virus internet security strategy, with SonicWall™ firewalls and Enforced Client Anti-Virus and Anti-Spyware software. You get SonicWall Reassembly-Free Deep Packet Inspection® anti-malware at the gateway, and enforced anti-virus protection at the endpoints. You can redirect any user with a non-compliant endpoint to a web page to install the latest Enforced Client Anti-Virus and Anti-Spyware software. Provide automatically updated security definitions to the endpoint as soon as they become available to protect against today’s rapidly evolving threats. Automate enforcement to minimize administrative overhead.

Comprehensive Anti-Spam Service

Block threats from your email server and stop spam at the gateway, by adding SonicWall™ Comprehensive Anti-Spam Service (CASS) to your SonicWall firewall. Rapidly deploy your spam firewall software with one-click activation of up to 250 users.

Reporting software

Enjoy easy-to-use web-based traffic analytics and reporting, along with real-time and historical insight into the health, performance and security of your network. SonicWall Analyzer supports SonicWall firewalls and secure remote access devices, while leveraging application traffic analytics for security event reports. Provide a complete solution that combines off-box application traffic analytics with granular statistical data generated by SonicWall firewalls.

Comparison

 SonicWall TZ Series

 View a comparison matrix that compares the various models
 of the TZ Series.
 View Matrix

Legend: S — Standard,  O — Optional,  N — Not available

TotalSecure Firewall OverviewSOHOTZ300TZ400TZ500TZ600
Deep Packet Inspection FirewallSSSSS
Stateful Packet Inspection FirewallSSSSS
Unlimited File Size ProtectionSSSSS
Protocols ScannedSSSSS
Threat Prevention Services AvailableSOHOTZ300TZ400TZ500TZ600
Application Intelligence and ControlSSSSS
Intrusion Prevention ServiceSSSSS
Gateway Anti-Virus and Anti-SpywareSSSSS
Content & URL Filtering (CFS)SSSSS
SSL Inspection (DPI SSL)SSSSS
Content Filtering Client (CFC)1OOOOO
Analyzer Reporting1OOOOO
Capture Advance Threat Protection1NOOOO
Enforced Client Anti-Virus and Anti-Spyware (McAfee® or Kaspersky®)OOOOO
24x7 SupportSSSSS
Firewall GeneralSOHOTZ300TZ400TZ500TZ600
Interfaces5x1GbE, 1 USB, 1 Console5x1GbE, 1 USB, 1 Console7x1GbE, 1 USB, 1 Console8x1GbE, 2 USB, 1 Console10x1GbE, 2 USB, 1 Console, 1 Expansion Slot
ManagementCLI, SSH, GUI, GMSCLI, SSH, GUI, GMSCLI, SSH, GUI, GMSCLI, SSH, GUI, GMSCLI, SSH, GUI, GMS
Nodes SupportedUnrestrictedUnrestrictedUnrestrictedUnrestrictedUnrestricted
RAM512 MB (Wired)
1 GB (Wireless)
1 GB1 GB1 GB1 GB
Visual Information Display (LCD Display)NNNNN
Site-to-Site VPN Tunnels1010202550
Global VPN Clients (Maximum)1 (5)1 (10)2 (25)2 (25)2 (25)
SSL VPN NetExtender Clients (Maximum)1 (10)1 (50)2 (100)2 (150)2 (200)
VLAN Interfaces2525505050
SonicPoints Wireless ControllerSSSSS
WWAN Failover (4G/LTE)SSSSS
Network Switch ManagementNSSSS
Firewall/VPN PerformanceSOHOTZ300TZ400TZ500TZ600
Firewall Inspection Throughput2300 Mbps750 Mbps1.3 Gbps1.4 Gbps1.5 Gbps
Full DPI Performance (GAV/GAS/IPS)50 Mbps100 Mbps300 Mbps400 Mbps500 Mbps
Application Inspection Throughput-300 Mbps900 Mbps1.0 Gbps1.1 Gbps
IPS Throughput100 Mbps300 Mbps900 Mbps1.0 Gbps1.1 Gbps
Anti-Malware Inspection Throughput50 Mbps100 Mbps300 Mbps400 Mbps500 Mbps
IMIX performance60 Mbps200 Mbps500 Mbps700 Mbps900 Mbps
SSL DPI Performance15 Mbps45 Mbps100 Mbps150 Mbps200 Mbps
VPN Throughput4100 Mbps300 Mbps900 Mbps1.0 Gbps1.1 Gbps
Maximum SPI Connections510K50K100K125K150K
Maximum DPI Connections10K50K90K100K125K
Maximum DPI SSL Connections100500500750750
New Connections/Sec180050006000800012000
FeaturesSOHOTZ300TZ400TZ500TZ600
LoggingAnalyzer, Local Log, SyslogAnalyzer, Local Log, SyslogAnalyzer, Local Log, SyslogAnalyzer, Local Log, SyslogAnalyzer, Local Log, Syslog
Network Traffic VisualizationSSSSS
Netflow/IPFIX ReportingSSSSS
SNMPSSSSS
AuthenticationXAUTH/ RADIUS, Active Directory, SSO, LDAP, Terminal Services, Citrix, Novell, Internal User DatabaseXAUTH/ RADIUS, Active Directory, SSO, LDAP, Terminal Services, Citrix, Novell, Internal User DatabaseXAUTH/ RADIUS, Active Directory, SSO, LDAP, Terminal Services, Citrix, Novell, Internal User DatabaseXAUTH/ RADIUS, Active Directory, SSO, LDAP, Terminal Services, Citrix, Novell, Internal User DatabaseXAUTH/ RADIUS, Active Directory, SSO, LDAP, Terminal Services, Citrix, Novell, Internal User Database
Dynamic RoutingOSPF, RIPv1/v2, static routes, policy-based routing, multicastOSPF, RIPv1/v2, static routes, policy-based routing, multicastOSPF, RIPv1/v2, static routes, policy-based routing, multicastOSPF, RIPv1/v2, static routes, policy-based routing, multicastOSPF, RIPv1/v2, static routes, policy-based routing, multicast
Single Sign-on (SSO)SSSSS
Voice over IP (VoIP) SecuritySSSSS
Interface to Interface ScanningSSSSS
PortShield SecuritySSSSS
Port AggregationSSSSS
Link RedundancySSSSS
Policy-based RoutingSSSSS
Route-based VPNSSSSS
Dynamic Bandwidth ManagementSSSSS
Stateful High AvailabilityNNNOO
Multi-WANSSSSS
Load BalancingSSSSS
Object-based ManagementSSSSS
Policy-based NATSSSSS
Inbound Load BalancingSSSSS
IKEv2 VPNSSSSS
Terminal Services Authentication/Citrix SupportSSSSS
TLS/SL/SSH decryption and inspectionSSSSS
SSL Control for IPv6SSSSS
Auto-provision VPNSSSSS
Biometric AuthenticationSSSSS
DNS ProxySSSSS
FailoverSOHOTZ300TZ400TZ500TZ600
Hardware FailoverNActive/PassiveActive/PassiveActive/Passive with stateful synchronizationActive/Passive with stateful synchronization
Multi-WAN FailoverSSSSS
Automated Failover/FailbackSSSSS
Integrated WirelessSOHOTZ300TZ400TZ500TZ600
Standards802.11a/b/g/n (WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS802.11a/b/g/n/ac (WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS802.11a/b/g/n/ac (WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS802.11a/b/g/n/ac (WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS-
Frequency bands802.11a: 5.180-5.825 GHz
802.11b/g: 2.412-2.472 GHz
802.11n: 2.412-2.472 GHz, 5.180-5.825 GHz
802.11a: 5.180-5.825 GHz
802.11b/g: 2.412-2.472 GHz
802.11n: 2.412-2.472 GHz, 5.180-5.825 GHz
802.11ac: 2.412-2.472 GHz, 5.180-5.825 GHz
802.11a: 5.180-5.825 GHz
802.11b/g: 2.412-2.472 GHz
802.11n: 2.412-2.472 GHz, 5.180-5.825 GHz
802.11ac: 2.412-2.472 GHz, 5.180-5.825 GHz
802.11a: 5.180-5.825 GHz
802.11b/g: 2.412-2.472 GHz
802.11n: 2.412-2.472 GHz, 5.180-5.825 GHz
802.11ac: 2.412-2.472 GHz, 5.180-5.825 GHz
 
Operating Channels802.11a: US and Canada 12, Europe 11, Japan 4, Singapore 4, Taiwan 4
802.11b/g: US and Canada 1-11, Europe 1-13, Japan 1-14 (14-802.11b only)
802.11n (2.4 GHz): US and Canada 1-11, Europe 1-13, Japan 1-13
802.11n (5 GHz): US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64
802.11a: US and Canada 12, Europe 11, Japan 4, Singapore 4, Taiwan 4
802.11b/g: US and Canada 1-11, Europe 1-13, Japan 1-14 (14-802.11b only)
802.11n (2.4 GHz): US and Canada 1-11, Europe 1-13, Japan 1-13
802.11n (5 GHz): US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64
802.11ac: US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64
802.11a: US and Canada 12, Europe 11, Japan 4, Singapore 4, Taiwan 4
802.11b/g: US and Canada 1-11, Europe 1-13, Japan 1-14 (14-802.11b only)
802.11n (2.4 GHz): US and Canada 1-11, Europe 1-13, Japan 1-13
802.11n (5 GHz): US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64
802.11ac: US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64
802.11a: US and Canada 12, Europe 11, Japan 4, Singapore 4, Taiwan 4
802.11b/g: US and Canada 1-11, Europe 1-13, Japan 1-14 (14-802.11b only)
802.11n (2.4 GHz): US and Canada 1-11, Europe 1-13, Japan 1-13
802.11n (5 GHz): US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64
802.11ac: US and Canada 36-48/149-165, Europe 36-48, Japan 36-48, Spain 36-48/52-64
 
Transmit output powerBased on the regulatory domain specified by the system administratorBased on the regulatory domain specified by the system administratorBased on the regulatory domain specified by the system administratorBased on the regulatory domain specified by the system administrator 
Transmit power controlSupportedSupportedSupportedSupported-
Data rates supported802.11a: 6,9,12,18,24,36,48,54 Mbps per channel
802.11b: 1,2,5.5,11 Mbps per channel
802.11g: 6,9,12,18,24,36,48,54 Mbps per channel
802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 15,30, 45, 60, 90, 120, 135, 150 Mbps per channel
802.11a: 6,9,12,18,24,36,48,54 Mbps per channel
802.11b: 1,2,5.5,11 Mbps per channel
802.11g: 6,9,12,18,24,36,48,54 Mbps per channel
802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 15,30, 45, 60, 90, 120, 135, 150 Mbps per channel
802.11ac: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 86.7, 96.3, 15, 30, 45, 60, 90, 120, 135, 150, 180,
200, 32.5, 65, 97.5, 130, 195, 260, 292.5, 325, 390, 433.3, 65, 130, 195, 260, 390, 520, 585, 650, 780, 866.7 Mbps per channel
802.11a: 6,9,12,18,24,36,48,54 Mbps per channel
802.11b: 1,2,5.5,11 Mbps per channel
802.11g: 6,9,12,18,24,36,48,54 Mbps per channel
802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 15,30, 45, 60, 90, 120, 135, 150 Mbps per channel
802.11ac: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 86.7, 96.3, 15, 30, 45, 60, 90, 120, 135, 150, 180,
200, 32.5, 65, 97.5, 130, 195, 260, 292.5, 325, 390, 433.3, 65, 130, 195, 260, 390, 520, 585, 650, 780, 866.7 Mbps per channel
802.11a: 6,9,12,18,24,36,48,54 Mbps per channel
802.11b: 1,2,5.5,11 Mbps per channel
802.11g: 6,9,12,18,24,36,48,54 Mbps per channel
802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 15,30, 45, 60, 90, 120, 135, 150 Mbps per channel
802.11ac: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 86.7, 96.3, 15, 30, 45, 60, 90, 120, 135, 150, 180,
200, 32.5, 65, 97.5, 130, 195, 260, 292.5, 325, 390, 433.3, 65, 130, 195, 260, 390, 520, 585, 650, 780, 866.7 Mbps per channel
-
Modulation technology spectrum802.11a: Orthogonal Frequency Division Multiplexing (OFDM)
802.11b: Direct Sequence Spread Spectrum (DSSS)
802.11g: Orthogonal Frequency Division Multiplexing (OFDM)/Direct Sequence Spread Spectrum (DSSS)
802.11n: Orthogonal Frequency Division Multiplexing (OFDM)
802.11a: Orthogonal Frequency Division Multiplexing (OFDM)
802.11b: Direct Sequence Spread Spectrum (DSSS)
802.11g: Orthogonal Frequency Division Multiplexing (OFDM)/Direct Sequence Spread Spectrum (DSSS)
802.11n: Orthogonal Frequency Division Multiplexing (OFDM)
802.11ac: Orthogonal Frequency Division Multiplexing (OFDM)
802.11a: Orthogonal Frequency Division Multiplexing (OFDM)
802.11b: Direct Sequence Spread Spectrum (DSSS)
802.11g: Orthogonal Frequency Division Multiplexing (OFDM)/Direct Sequence Spread Spectrum (DSSS)
802.11n: Orthogonal Frequency Division Multiplexing (OFDM)
802.11ac: Orthogonal Frequency Division Multiplexing (OFDM)
802.11a: Orthogonal Frequency Division Multiplexing (OFDM)
802.11b: Direct Sequence Spread Spectrum (DSSS)
802.11g: Orthogonal Frequency Division Multiplexing (OFDM)/Direct Sequence Spread Spectrum (DSSS)
802.11n: Orthogonal Frequency Division Multiplexing (OFDM)
802.11ac: Orthogonal Frequency Division Multiplexing (OFDM)
-

Legend: S — Standard,  O — Optional,  N — Not available

1 Services must be purchased separately.

2 Testing Methodologies: Maximum performance based on RFC 2544 (for firewall). Actual performance may vary depending on network conditions and activated services.

3 Full DPI/Gateway AV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through multiple port pairs.

4 VPN throughput measured using UDP traffic at 1280 byte packet size adhering to RFC 2544.

5 Actual maximum connection counts are lower when services are enabled.