NSv 10 | NSv 25 | NSv 50 | NSv 100 | NSv 200 | NSv 300 | NSv 400 | NSv 800 | NSv 1600 | |
---|---|---|---|---|---|---|---|---|---|
Firewall General | |||||||||
Operating system | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 |
Supported Hypervisors | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 |
Supported Public Cloud Platforms (Instance Type) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | N/A | AWS (c5.xlarge), Azure (Std D3 v2) | AWS (c5.2xlarge), Azure (Std D4 v2) | AWS (c5.4xlarge), Azure (Std D5 v2) |
Licensing | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 |
Max Supported vCPUs | 2 | 2 | 2 | 2 | 2 | 3 | 4 | 8 | 16 |
Interface Count (ESXi/Hyper-V/KVM/AWS/Azure) | 8/8/8 | 8/8/8 | 8/8/8 | 8/8/8 | 8/8/8/2/2 | 8/8/8/-/- | 8/8/8/4/4 | 8/8/8/8/8 | 8/8/8/8/8 |
Max Mgmt/DataPlane Cores | 1/1 | 1/1 | 1/1 | 1/1 | 1/1 | 1/2 | 1/3 | 1/7 | 1/15 |
Min Memory3 | 4 GB | 4 GB | 4 GB | 4 GB | 6 GB | 6 GB | 8 GB | 10 GB | 12 GB |
Max Memory4 | 6 GB | 6 GB | 6 GB | 6 GB | 6 GB | 8 GB | 10 GB | 14 GB | 18 GB |
Supported IP/Nodes | 10 | 25 | 50 | 100 | Unlimited | Unlimited | Unlimited | Unlimited | Unlimited |
Minimum Storage | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB |
SSO users | 25 | 50 | 100 | 100 | 500 | 5000 | 10000 | 15000 | 20000 |
Logging | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog |
High availability | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 |
Firewall/VPN Performance6 | |||||||||
Firewall Inspection Throughput | 2 Gbps | 2.5 Gbps | 3 Gbps | 3.5 Gbps | 4.1 Gbps | 5.9 Gbps | 7.8 Gbps | 13.9 Gbps | 17.2 Gbps |
Full DPI Throughput (GAV/GAS/IPS) | 450 Mbps | 550 Mbps | 650 Mbps | 750 Mbps | 900 Mbps | 1.6 Gbps | 2.2 Gbps | 4.0 Gbps | 6.4 Gbps |
Application Inspection Throughput | 1 Gbps | 1.25 Gbps | 1.5 Gbps | 1.75 Gbps | 2.3 Gbps | 3.4 Gbps | 4.1 Gbps | 5.5 Gbps | 6.4 Gbps |
IPS Throughput | 1 Gbps | 1.25 Gbps | 1.5 Gbps | 1.75 Gbps | 2.3 Gbps | 3.4 Gbps | 4.1 Gbps | 5.5 Gbps | 6.7 Gbps |
Anti-Malware Inspection Throughput | 450 Mbps | 550 Mbps | 650 Mbps | 750 Mbps | 900 Mbps | 1.6 Gbps | 2.2 Gbps | 4.0 Gbps | 6.6 Gbps |
IMIX Throughput | 750 Mbps | 850 Mbps | 950 Mbps | 1100 Mbps | 1.5 Gbps | 2.3 Gbps | 2.8 Gbps | 4.2 Gbps | 5.3 Gbps |
TLS/SSL DPI Throughput | 650 Mbps | 750 Mbps | 850 Mbps | 950 Mbps | 1.1 Gbps | 1.2 Gbps | 1.8 Gbps | 3.4 Gbps | 5.1 Gbps |
VPN Throughput | 500 Mbps | 550 Mbps | 600 Mbps | 650 Mbps | 750 Mbps | 1.4 Gbps | 1.9 Gbps | 4.2 Gbps | 8.4 Gbps |
Connections per second | 1800 | 5000 | 8000 | 10000 | 13760 | 24360 | 37270 | 75640 | 125000 |
Maximum connections (SPI) | 2500 | 6250 | 12500 | 25000 | 225000 | 1M | 1.5M | 3M | 4M |
Maximum connections (DPI) | 2500 | 6250 | 12500 | 25000 | 125000 | 500000 | 1.5M | 2M | 2.5M |
TLS/SSL DPI Connections | 500 | 1000 | 2000 | 4000 | 8000 | 12000 | 20000 | 30000 | 50000 |
VPN | |||||||||
Site-to-Site VPN Tunnels | 10 | 10 | 25 | 50 | 75 | 100 | 6000 | 10000 | 25000 |
IPSec VPN clients (max) | 10 | 10 | 25 | 25 | 50(1000) | 50(1000) | 2000(4000) | 2000(6000) | 2000(10,000) |
SSL VPN Clients Included | 2 | 2 | 2 | 2 | 2 | 2 | 2 | 2 | 2 |
SSL VPN Clients Maximum | 50 | 50 | 50 | 50 | 100 | 150 | 200 | 300 | 400 |
Encryption/authentication | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) |
Key exchange | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v |
Route-based VPN | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP |
Networking | |||||||||
IP address assignment | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay |
NAT modes | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT |
Max VLAN 7 interfaces | 25 | 25 | 50 | 50 | 128 | 128 | 128 | 128 | 128 |
Routing protocols | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing |
QoS | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p |
Authentication | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix |
VoIP | SIP | SIP | SIP | SIP | SIP | SIP | SIP | SIP | SIP |
Standards | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS |
Max SD-WAN groups | 12 | 12 | 18 | 32 | 38 | 38 | 70 | 102 | 102 |
Max SD-WAN members per product | 24 | 24 | 36 | 64 | 76 | 76 | 140 | 204 | 204 |
(1) Memória com estrutura Jumbo desabilitada.
(2) Memória com estrutura Jumbo habilitada. Memória adicional é necessária para a estrutura Jumbo habilitada.
(3) Alta disponibilidade na plataforma VMware ESXi.
(4) Os números de desempenho publicados estão de acordo com a especificação e o desempenho real pode variar dependendo do hardware subjacente, condições de rede; configuração do firewall e serviços ativados. O desempenho e as capacidades também podem variar com base na infraestrutura de virtualização subjacente; recomendamos testes adicionais em seu ambiente para garantir que seus requisitos de desempenho e capacidade sejam atendidos. Os indicadores de desempenho foram observados usando o processador Intel Xeon W (W-2195 2.3GHz, 4.3 GHz Turbo, Cache de 24.75M) executando o SonicOSv 6.5.0.2 com o VMware vSphere 6.5.
Metodologias de teste:
Desempenho máximo com base no RFC 2544 (para firewall)
Throughput total de DPI/Gateway AV/AntiSpyware/IPS medido com teste de desempenho de HTTP padrão Spirent WebAvalanche e ferramentas de teste da Ixia.
Testes realizados com múltiplos fluxos através de múltiplos pares de portas
Throughput de VPN medido por tráfego UDP com pacotes de 1418 bytes de tamanho, em conformidade com a RFC 2544. Todas as especificações e recursos estão sujeitos a alterações.