SonicWALL Network Security Virtual (NSV) 400 Virtual Appliance
Deep security for public, private or hybrid cloud environments
List Price: $7,128.00
Our Price: $6,059.00
*Note: This unit must be used in conjunction with an active NSV 400 Virtual Appliance
Our Price: $4,990.00
*Includes NSV 400 Virtual Appliance with 1 Year AGSS Bundle (Capture ATP, Threat Prevention, Content Filtering, 24x7 Support)
List Price: $11,920.00
Our Price: $10,132.00
List Price: $12,809.00
Our Price: $10,888.00
*Service provided by Western NRG.
Our Price: Request a Quote
More pricing below, click here!
Please Note: All Prices are Inclusive of GST
NSV Series Overview:
SonicWall Network Security virtual (NSv) firewalls protect all critical components of your private/public cloud environment from resource misuse attacks, cross virtual machine attacks, side channel attacks and common network based exploits and threats. It captures traffic between virtual machines and networks for automated breach prevention and establishes access control measures for data confidentiality and ensures VMs safety and integrity.
PUBLIC AND PRIVATE CLOUD SECURITY
- Gain complete visibility into intra-host communication between virtual machines for threat prevention
- Ensure appropriate placement of security policies throughout the virtual environment
- Deliver safe application enablement rules by the application, user and device regardless of VM location
- Implement proper security zoning (VLANs) and isolation
VIRTUAL MACHINE PROTECTON
- Defend against zero-day vulnerabilities with Capture Advanced Threat Protection
- Prevent unauthorized takeover of virtual systems
- Stop unauthorized access to protected data assets
- Block malicious and intrusive actions such as spreading malware, executing operating system commands, file system browsing and C&C communication
- Reduce service disruption of any part or entire virtual ecosystem
The design, implementation and deployment of modern network architectures, such virtualization and cloud, continue to be a game-changing strategy for many organizations. Virtualizing the data center, migrating to the cloud, or a combination of both, have demonstrated significant operational and economic advantages. However, vulnerabilities within virtual environments are well-documented. New ones are discovered regularly that yield serious security implications and challenges. To ensure application services are delivered safely, efficiently and in a scalable manner, while combating threats harmful to all parts of the virtual framework including virtual machines (VM), application workloads and data must be among the top priorities.
SonicWall Network Security virtual (NSv) firewalls help security teams reduce these types of security risks and vulnerabilities, which can cause serious disruption to your business-critical services and operations. With full-featured security tools and services including reassembly-free deep packet inspection (RFDPI), security controls and networking services equivalent to what a SonicWall physical firewall provides, NSv effectively shield all critical components of your private/public cloud environments.
NSv is easily deployed and provisioned in a multi-tenant virtual environment, typically between virtual networks (VNs). This allows it to capture communications and data exchanges between virtual machines for automated breach prevention, while establishing stringent access control measures for data confidentiality and VMs safety and integrity. Security threats (such as cross-virtual-machine or sidechannel attacks and common networkbased intrusions and application and protocol vulnerabilities) are neutralized successfully through SonicWall's comprehensive suite of security inspection services1. All VM traffic is subjected to multiple threat analysis engines, including intrusion prevention, gateway anti-virus and anti-spyware, cloud anti-virus, botnet filtering, application control and Capture Advanced Threat Protection multi-engine sandboxing.
Segmentation Security
For optimal effectiveness against Advanced Persistent Threats (APTs), network security segmentation must apply an integrated set of dynamic, enforceable barriers to advanced threats. With segment-based security capabilities, NSv can group similar interfaces and apply the same policies to them, instead of having to write the same policy for each interface. By applying security policies to the inside of the VN, segmentation can be configured to organize network resources into different segments, and allow or restrict traffic between those segments. This way, access to critical internal resources can be strictly controlled.
NSv can automatically enforce segmentation restrictions based upon dynamic criteria, such as user identity credentials, geo-IP location and the security stature of mobile endpoints. For extended security, NSv it also capable of integrating multi-gigabit network switching into its security segment policy and enforcement. It directs segment policy to traffic at switching points throughout the network, and globally manage segment security enforcement from a single pane of glass.
Since segments are only as effective as the security that can be enforced between them, NSv applies intrusion prevention service (IPS) to scan incoming and outgoing traffic on the VLAN segment to enhance security for internal network traffic. For each segment, it enforces a full range of security services on multiple interfaces based on enforceable policy.
Flexible Deployment Use Cases
With infrastructure support for high availability (HA) implementation, NSv fulfills scalability and availability requirements of Software Defined Data Centers (SDDC). It ensures system resiliency, service reliability, and regulatory conformance. Optimized for broad range of public, private and hybrid deployment use cases, NSv can adapt to service-level changes and ensure VMs and their application workloads and data assets are available, as well as secure. It can do it all at multi-Gbps speed and low latency.
Organizations gain all the security advantages of a physical firewall, with the operational and economic benefits of virtualization. This includes system scalability, operation agility, provisioning speed, simple management and cost reduction.
The NSv Series is available in multiple virtual flavors carefully packaged for broad range of virtualized and cloud deployment use cases. Delivering multigigabit threat prevention and encrypted traffic inspection performance, the NSv Series can adapt to capacity-level increases and ensure VNs safety and application workloads and data assets are available as well as secure.
Governs Centrally
NSv deployments are centrally managed using both on premise with SonicWall GMS³, and with SonicWall Capture Security Center³, an open, scalable cloud security management, monitoring, reporting and analytics software that is delivered as a cost-effective as-a-service offering.
Capture Security Center gives the ultimate in visibility, agility and capacity to govern the entire SonicWall virtual and physical firewall ecosystem with greater clarity, precision, and speed - all from a single-pane-of-glass.
¹ Requires SonicWall Advanced Gateway Security Services (AGSS) subscription.
³ SonicWall Global Management System and Capture Security Center require separate licensing or subscription
Features:
SonicOS Platform
The SonicOS architecture is at the core of every SonicWall physical and virtual firewall including the NSv and NSa Series, SuperMassive™ Series and TZ Series. Refer to the SonicWall SonicOS Platform datasheet for complete list of features and capabilities.
Automated breach prevention1
This includes complete advanced threat protection, including high-performance intrusion and malware prevention, and cloud-based sandboxing.
Around-the-clock security1
New threat updates are automatically pushed to firewalls in the field with active security services, and take effect immediately without reboots or interruptions.
Zero-day protection1
NSv protects against zero-day attacks with constant updates against the latest exploit methods and techniques that cover thousands of individual exploits.
Threat API
NSv receives and leverages any and all proprietary, original equipment manufacturer and third-party intelligence feeds to combat advanced threats, such as zero-day, malicious insider, compromised credentials, ransomware and advanced persistent threats.
Zone protection
NSv strengthens internal security by segmenting the network into multiple security zones, with intrusion prevention service keeping threats from propagating across the zone boundaries. Creating and applying access rules and NAT policies to traffic passing through the various interfaces, it can allow or deny internal or external network access based on various criteria.
Application intelligence and control1
With application-specific policies, NSv provides granular control over network traffic on the level of users, email addresses, schedules, and IP-subnets. It controls custom applications by creating signatures based on specific parameters or patterns unique to an application in its network communications. Internal or external network access are allowed or denied based on various criteria.
Data leakage prevention
NSv provides the ability to scan streams of data for keywords. This restrict the transfer of certain file names, file types, email attachments, attachment types, email with certain subjects, and email or attachments with certain keywords or byte patterns.
Application layer bandwidth management
Using packet monitor, NSv can select among various bandwidth management settings to reduce network bandwidth usage by an application. This helps gain further control over the network.
Secure communication
NSv ensures that data exchange between groups of virtual machines is done securely, including isolation, confidentiality, integrity, and information flow control within these networks via use of segmentation.
Access control
NSv validates that only VMs that satisfy a given set of conditions are able to access data that belongs to another through the use of VLANs.
User authentication
NSv creates policies to control or restrict VM and workload access by unauthorized users.
Data confidentiality
NSv blocks information theft and illegitimate access to protected data and services.
Virtual network resilience and availability
NSv prevents disruption or degradation of application services and communications.
System safety and integrity
NSv stops unauthorized takeover of VM systems and services.
Traffic validation, inspection and monitoring mechanisms
NSv detects irregularities and malicious behaviors and stop attacks targeting VM workloads.
Deployment options2
NSv can be deployed on a wide variety of virtualized and cloud platforms for various private/public cloud security use cases.
¹ Requires SonicWall Advanced Gateway Security Services (AGSS) subscription.
² Virtual machine image (VMI) support for MS Hyper-V, Amazon and MS Azure will be on a forthcoming release
Benefits:
Public and private cloud security
- Gain complete visibility into intrahost communication between virtual machines for threat prevention
- Ensure appropriate placement of security policies for application throughout the virtual environment
- Deliver safe application enablement rules by application, user and device regardless of VM location
- Implement proper security zoning and isolations
Virtual machine protection
- Defend against zero-day vulnerabilities with Capture Advanced Threat Protection (ATP)
- Prevent unauthorized takeover of virtual systems
- Stop unauthorized access to protected data assets
- Block malicious and intrusive actions, such as spreading malware, executing operating system commands, file system browsing and C&C communication
- Prevent service disruption of any part or entire virtual ecosystem
Governs Centrally
- Establish an easy path to comprehensive security management, analytic reporting and compliance to unify your network security defense program
- Automate and correlate workflows to form a fully coordinated security governance, compliance and risk management strategy
Compliance
- Helps make regulatory bodies and auditors happy with automatic PCI, HIPAA and SOX security reports
- Customize any combination of security auditable data to help you move towards specific compliance regulations
Risk Management
- Move fast and drive collaboration, communication and knowledge across the shared security framework
- Make informed security policy decisions based on time-critical and consolidated threat information for higher level of security efficiency
Compare Models:
| Models: | NSV 10 | NSV 25 | NSV 50 | NSV 100 | NSV 200 | NSV 300 | NSV 400 | NSV 800 | NSV 1600 |
|---|---|---|---|---|---|---|---|---|---|
| Firewall General | |||||||||
| Operating system | SonicOS | ||||||||
| Supported Hypervisors | VMware ESXi v5.5 / v6.0 / v6.5 | ||||||||
| Max Supported vCPUs | 2 | 3 | 4 | 8 | 16 | ||||
| Max Mgmt/DataPlane Cores | 1/1 | 1/2 | 1/3 | 1/7 | 1/15 | ||||
| Min Memory | 4 GB | 6 GB | 8 GB | 10 GB | 12 GB | ||||
| Supported IP/Nodes | 10 | 25 | 50 | 100 | Unlimited | ||||
| Minimum Storage | 60 GB | ||||||||
| SSO users | 25 | 50 | 100 | 500 | 5,000 | 10,000 | 15,000 | 20,000 | |
| Logging | Analyzer, Local Log, Syslog | ||||||||
| High availability | Active/Passive | ||||||||
| Firewall/VPN Performance1 | |||||||||
| Firewall Inspection Throughput | 2 Gbps | 2.5 Gbps | 3 Gbps | 3.5 Gbps | 4.1 Gbps | 5.9 Gbps | 7.8 Gbps | 13.9 Gbps | 17.2 Gbps |
| Full DPI Throughput (GAV/GAS/IPS) | 450 Mbps | 550 Mbps | 650 Mbps | 750 Mbps | 900 Mbps | 1.6 Gbps | 2.2 Gbps | 4.0 Gbps | 6.4 Gbps |
| Application Inspection Throughput | 1 Gbps | 1.25 Gbps | 1.5 Gbps | 1.75 Gbps | 2.3 Gbps | 3.4 Gbps | 4.1 Gbps | 5.5 Gbps | 6.4 Gbps |
| IPS Throughput | 1 Gbps | 1.25 Gbps | 1.5 Gbps | 1.75 Gbps | 2.3 Gbps | 3.4 Gbps | 4.1 Gbps | 5.5 Gbps | 6.7 Gbps |
| Anti-Malware Inspection Throughput | 450 Mbps | 550 Mbps | 650 Mbps | 750 Mbps | 950 Mbps | 1.6 Gbps | 2.2 Gbps | 4.0 Gbps | 6.6 Gbps |
| IMIX Throughput | 750 Mbps | 850 Mbps | 950 Mbps | 1100 Mbps | 1.5 Gbps | 2.3 Gbps | 2.8 Gbps | 4.2 Gbps | 5.3 Gbps |
| TLS/SSL DPI Throughput | 650 Mbps | 750 Mbps | 850 Mbps | 950 Mbps | 1.1 Gbps | 1.2 Gbps | 1.8 Gbps | 3.4 Gbps | 5.1 Gbps |
| VPN Throughput | 500 Mbps | 550 Mbps | 600 Mbps | 650 Mbps | 750 Mbps | 1.4 Gbps | 1.9 Gbps | 4.2 Gbps | 8.4 Gbps |
| Connections per second | 1,800 | 5,000 | 8,000 | 10,000 | 13,760 | 24,360 | 37,270 | 75,640 | 125,000 |
| Maximum connections (SPI) | 10,000 | 50,000 | 125,000 | 150,000 | 225,000 | 1M | 1.5M | 3M | 4M |
| Maximum connections (DPI) | 10,000 | 50,000 | 100,000 | 125,000 | 125,000 | 500,000 | 1.5M | 2M | 2.5M |
| TLS/SSL DPI Connections | 500 | 1,000 | 2,000 | 4,000 | 8,000 | 12,000 | 20,000 | 30,000 | 50,000 |
| VPN | |||||||||
| Site-to-Site VPN Tunnels | 10 | 25 | 50 | 75 | 100 | 6,000 | 10,000 | 25,000 | |
| IPSec VPN clients (Maximum) | 10 | 25 | 50(1000) | 2,000(4,000) | 2,000(6,000) | 2,000(10,000) | |||
| SSL VPN NetExtender Clients (Maximum) | 2(10) | 2(25) | 2(100) | ||||||
| Encryption/authentication | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | ||||||||
| Key exchange | Diffie Hellman Groups 1, 2, 5, 14v | ||||||||
| Route-based VPN | RIP, OSPF, BGP | ||||||||
| Networking | |||||||||
| IP address assignment | Static, DHCP, internal DHCP server, DHCP relay | ||||||||
| NAT modes | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | ||||||||
| VLAN Interfaces | 25 | 50 | 256 | 500 | 512 | ||||
| Routing protocols | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | ||||||||
| QoS | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | ||||||||
| Authentication | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | ||||||||
| VoIP | Full H323-v1-5, SIP | ||||||||
| Standards | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, L2TP, PPTP, RADIUS | ||||||||
1 Published performance numbers are up to the specification and the actual performance may vary depending on underlying hardware, network conditions; firewall configuration and activated services. Performance and capacities may also vary based on underlying virtualization infrastructure, and we recommend additional testing within your environment to ensure your performance and capacity requirements are met. Performance metrics were observed using Intel Xeon W Processor (W-2195 2.3GHz, 4.3GHz Turbo, 24.75M Cache) running SonicOSv 6.5.0.2 with VMware vSphere 6.5.
Documentation:
Download the SonicWALL Network Security Virtual (NSV) Firewall Series Datasheet (.PDF)
Pricing Notes:
- All Prices are Inclusive of GST
- Pricing and product availability subject to change without notice.
List Price: $7,128.00
Our Price: $6,059.00
*Note: This unit must be used in conjunction with an active NSV 400 Virtual Appliance
Our Price: $4,990.00
*Includes NSV 400 Virtual Appliance with 1 Year AGSS Bundle (Capture ATP, Threat Prevention, Content Filtering, 24x7 Support)
List Price: $11,920.00
Our Price: $10,132.00
List Price: $12,809.00
Our Price: $10,888.00
*Service provided by Western NRG.
Our Price: Request a Quote
List Price: $5,410.00
Our Price: $4,599.00
List Price: $13,280.00
Our Price: $11,288.00
List Price: $22,008.00
Our Price: $18,707.00
List Price: $4,563.00
Our Price: $3,879.00
List Price: $10,918.00
Our Price: $9,281.00
List Price: $18,197.00
Our Price: $15,468.00
List Price: $1,018.00
Our Price: $866.00
List Price: $2,451.00
Our Price: $2,084.00
List Price: $4,073.00
Our Price: $3,462.00
List Price: $1,641.00
Our Price: $1,394.00
List Price: $3,922.00
Our Price: $3,334.00
List Price: $6,525.00
Our Price: $5,546.00
List Price: $1,509.00
Our Price: $1,282.00
List Price: $3,602.00
Our Price: $3,061.00
List Price: $5,978.00
Our Price: $5,081.00
List Price: $1,358.00
Our Price: $1,154.00
List Price: $3,262.00
Our Price: $2,773.00
List Price: $5,431.00
Our Price: $4,616.00
List Price: $1,773.00
Our Price: $1,507.00
List Price: $4,243.00
Our Price: $3,606.00
List Price: $7,071.00
Our Price: $6,011.00
List Price: $847.00
Our Price: $720.00
List Price: $281.00
Our Price: $239.00
List Price: $2,362.00
Our Price: $2,008.00
List Price: $759.00
Our Price: $645.00
Our Price: Request a Quote
List Price: $658.00
Our Price: $560.00