Introduction
The DellSonicWall Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, and Application Intelligence and Control Service delivers intelligent, real-time network security protection against sophisticated attacks. Available on every SonicWall firewall, patented Reassembly-Free Deep Packet Inspection technology delivers protection from malware, intrusions and application exploits. Additionally, with the proliferation of Web 2.0 and social networking technologies for both work and personal use, SonicWall provides intelligence, control and visualization of network and application usage, with granular policies that can be created for both users and groups.
Features
Gateway Anti-Virus and Anti-Spyware inspection.
Every day, Trojans, spyware, viruses and other malware threats become
more sophisticated, and now have the ability to circle the entire globe
in a matter of minutes. To complicate matters, many of these threats
are blended, originating from multiple sources, operating at multiple
layers, utilizing multiple protocols. Moreover, they are delivered via
Instant Messaging (IM), peer-to-peer (P2P), file sharing, games or
other seemingly benign applications that are not scanned by traditional
client anti-virus solutions. Small wonder then, that today's complex
threats require a solution that goes beyond the status quo.
The SonicWall Gateway Anti-Virus and Anti-Spyware service inspects all email file attachments, ftp downloads, and real-time applications such as IM and P2P for total file-based threat control. Unlike other solutions, SonicWall RFDPI analyzes all files in real time - regardless of file size or compression - and generates proactive alerts that notify administrators whenever a threat is detected. Day-zero attacks are prevented with dynamically updated databases and an extensive list of virus and malware signatures. And, because all threats are blocked at the gateway, users are completely prevented from downloading malware in the first place. In addition, SonicWall prevents auto-installation of ActiveX components (one of the most common sources of spyware) and stops any existing spyware programs from communicating with their hosts.
Intrusion Prevention.
Application vulnerabilities, buffer overflows and blended threats can
open up your network to exploits, making intrusion prevention a
necessary technology. SonicWall goes a step beyond traditional
solutions by scanning all network traffic for worms, Trojans, software
vulnerabilities, backdoor exploits, and other types of malicious
attacks. Utilizing a comprehensive signature database, the SonicWall
Intrusion Prevention Service (IPS) engine protects against an array of
network-based application vulnerabilities and exploits. Deployed to
protect against both internal and external threats, SonicWall IPS
monitors the network for malicious or anomalous traffic, then blocks or
logs traffic based on predefined and automatically updated conditions.
By focusing on known malicious traffic, SonicWall IPS decreases false
positives while increasing network reliability and performance.
Application Intelligence, Control and Visualization.
SonicWall Application Intelligence and Control provides granular
control and real-time visualization of applications to guarantee
bandwidth prioritization and ensure maximum network security and
productivity. A tightly integrated feature of SonicWall Next-Generation
Firewalls, it uses SonicWall Reassembly-Free Deep Packet Inspection to
identify and control applications, regardless of port or protocol. With
a continuously expanding signature database currently recognizing over
2,800 applications and millions of malware threats, it can maintain
granular control over applications, prioritize or throttle bandwidth
and deny Web site access. The SonicWall Application Flow Monitor
provides real-time graphs of applications, ingress and egress
bandwidth, active Website connections and user activity.