Firewall vendor SonicWALL today introduced the SonicWALL Network Security Appliance Series (NSA), a trio of multifunction firewalls aimed at the mid-enterprise.
The NSA Series are multi-core platforms that work with a reassembly-free deep packet inspection engine. Together, they examine all traffic coming in for real time inspection without slowing down network traffic.
"UTM brings multiple security technologies into a single solution to inspect these packets at a detailed level," said Jon Kuhn, director of product marketing at SonicWALL. But it's not easy, he adds. "When you do that level of inspection you will have a dramatic impact on the performance of a network. So while people want all the aspects of protection today they have the consequence of poor performance."
One way it achieves maximum performance is by scanning the file as it comes in, rather than waiting for an entire file to download before scanning it. That way, if a hint of malware is detected in the first stages of an incoming file, it is more closely inspected as it comes in.
This allows the NSA servers to scan unlimited file sizes and virtually hundreds of thousands of concurrent file packets coming in over any TCP port. It examines both the packet envelope and its contents at the same time. SonicWALL calls this its unified threat management (UTM) technology.
In addition to stopping malware from coming in, the NSA application firewall comes with a set of tools to prevent vital data from going out. These tools let administrators configure the firewall to set security on a per user, e-mail user, per schedule and per IP subnet (define) level.