SonicWall NSsp 12800 Security Appliance

SonicWall NSsp 12800 Security Appliance

From
$39,449.03
compare favorite favorite
  • Home
  • SonicWall NSsp 12800 Security Appliance
See all specs
SonicWall NSsp 12800 Security Appliance
SonicWall NSsp 12800 Security Appliance
SonicWall NSsp 12800 Security Appliance
SonicWall NSsp 12800 Security Appliance

SonicWall NSsp 12800 Security Appliance

MFG.PART: 01-SSC-6498

Earn 39,449 points when you buy me!

Hurry! Other 7 people are watching this product
SKU
SonicWall-NSsp-12800
Be the first to review this product
$39,449.03
In stock
Hurry! Other 7 people are watching this product

The SonicWall Network Security services platform (NSsp) 12000 series takes a modern approach to threat detection and prevention by combining cloud intelligence with appliance-based protection in a scalable, high-speed platform. Designed for large distributed enterprises, data centers and service providers, NSsp series next-generation firewalls (NGFWs) leverage innovative deep learning security technologies in the Capture Cloud Platform to deliver proven protection from the most advanced threats without slowing performance.

Details

Features & Benefits

Advanced Threat Protection

Stop Zero-Day and unknown malware in its tracks with Real-Time Deep Memory Inspection (RTDMI™) and Reassembly-Free Deep Packet Inspection (RFDPI). Pair robust on-box technology with cloud-based updates to stay ahead of the threats.

Multi-Instance Firewall

Take a modern approach to legacy multi-tenancy with Multi-Instance using containerized architecture. Run multiple independent firewall instances, software versions, and configurations on the same hardware without managing multiple appliances.

Unified Policy for Modern Enterprises

Unified Policy allows administrators to combine Layer 3 to Layer 7 access and security rules into a single policy to reduce rule management overhead. Intuitive policy creation and visual workflow reduce configuration errors and deployment time for a better overall security posture.

Scalability and Availability

With multiple configuration options and easy deployment build a security perimeter that will grow with you. Keep your business up and safe from threats to your network and beyond with redundant power supplies, fans and a built-in storage module to store logs, reports, firmware backup files and more.

High-Speed Performance

Featuring high port density and multiple 100/40/10 GbE interfaces, process several million simultaneous encrypted and unencrypted connections with unparalleled threat prevention technology. Get more from your investment as resource utilization and connection requirements grow with the explosion of connected devices and users.

NSSP_12800
NSSP_12800
NSSP_12800

Low Total Cost of Ownership

Reduce costs with budget-friendly pricing for a leading-edge hardware and software intelligence in a high-performance platform. Streamline operations with a centralized single-pane-of-glass management.

World-Class Threat Intelligence

SonicWall Capture Labs Threat Research team gathers, analyzes and vets information around the clock and around the globe. With a dedicated team of cyber security professionals, advanced machine learning algorithms, and more than one million security sensors spread over more than 200 countries and territories, SonicWall delivers up-to-date, world-class intelligence so decisions can be rendered in nanoseconds.

Flexible Deployment Options

Deploy at the network edge or the data center core. Deploy over a virtualized and cloud platform. Easily adapt to service-level changes. Get advanced protection that can be custom fit for your network needs, no matter how complex.

Cloud-Based And On-Premises Centralized Management

Gain greater visibility into your enterprise even as it becomes more complex and spans on-prem, in-cloud and hybrid environments. The NSsp firewalls can be tightly integrated into the SonicWall ecosystem for single-pane-of-glass management, licensing, reporting and analytics.

Tech Specs

Tech specs

Firewall NSSP 12800

Firewall Inspection Throughput 117 Gbps
Application Inspection Throughput 57 Gbps
IPS Throughput 52 Gbps
VPN Throughput 44 Gbps
Maximum Connections (DPI) 12,000,000
Interfaces 4 x 40-GbE QSFP+ 16 x 10-GbE SFP+
Site-to-Site VPN Tunnels 25,000
IPSec VPN Clients (Maximum) 2,000 (10,000)
SSL VPN NetExtender Clients (Maximum) 2 (3,000)
VLAN Interfaces 512

MANUFACTURING NUMBER

MFG Number 02-SSC-0378


FIREWALL/VPN PERFORMANCE

Firewall inspection throughput 117 Gbps
Application inspection throughput 57 Gbps
IPS throughput 52 Gbps
Anti-malware inspection throughput 32 Gbps
IMIX throughput 28 Gbps
TLS/SSL decryption and inspection throughput (DPI SSL) 12 Gbps
VPN throughput 44 Gbps
Connections per second 860,000/sec
Maximum connections (SPI) 32,000,000
Maximum connections (DPI) 12,000,000
Maximum connections (DPI SSL) 2,00,000

VPN

Site-to-site VPN tunnels 25,000
IPSec VPN clients (max) 2,000 (10,000)
SSL VPN NetExtender clients (max) 2 (3,000)
Encryption/Authentication DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B Cryptography
Key exchange Diffie Hellman Groups 1, 2, 5, 14v
Route-based VPN RIP, OSPF, BGP

NETWORKING

IP address assignment Static (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP Relay
NAT modes 1:1, many:1, 1:many, flexible NAT (overlapping IPS), PAT, transparent mode
VLAN interfaces 512
Routing protocols BGP, OSPF, RIPv1/v2, static routes, policy-based routing
QoS Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p
Authentication LDAP, XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)
VoIP Full H323-v1-5, SIP
Standards TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3
Certifications (in progress) ICSA Firewall, ICSA Anti-Virus, FIPS 140-2, Common Criteria NDPP (Firewall and IPS), UC APL, USGv6, CsFC
High availability Active/Passive with State Sync, Active/Active DPI with State Sync, Active/Active Clustering

HARDWARE

Power supply Dual, Redundant, 1,200W
Fans Dual, Removable
Input power 100-240 VAC, 50-60 Hz
Maximum power consumption (W) 965
MTBF @25ºC in hours 91,118
MTBF @25ºC in years 10.4
Form factor 4U Rack Mountable
Dimensions 24.0 x 16.9 x 7.1 in (61 x 43 x 18 cm)
Weight 67.2 lb (30.5 kg)
WEEE weight 75.6 lb (34.3 kg)
Shipping weight 91.1 lb (41.3 kg)
Major regulatory FCC Class A, CE (EMC, LVD, RoHS), C-Tick, VCCI Class A, MSIP/KCC Class A, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE , REACH, ANATEL, BSMI
Environment (Operating/Storage) 32°-105° F (0°-40° C)/-40° to 158° F (-40° to 70° C)
Humidity 10-95% non-condensing
Models

NSsp Series (High End)

SonicWall NSsp 12800 Security Appliance
Price
39449.03
Learn more
Sonicwall NSsp 10700 High End Firewall- Security Appliance
Price
39449.03
Learn more
Sonicwall NSsp 13700 High End Firewall- Security Appliance
Price
39449.03
Learn more
Sonicwall NSsp 11700 High End Firewall- Security Appliance
Price
39449.03
Learn more
SonicWall NSsp 15700 - Essential Edition - Security Appliance - With 1 Year TotalSecure
Price
39449.03
Learn more
SonicWall NSsp 15700 - Security Appliance - With 3 Years Essential Protection Service Suite
Price
39449.03
Learn more
Sonicwall NSsp 13700 High End Firewall Essential Edition - Security Appliance
Price
39449.03
Learn more
Sonicwall NSsp 13700 High End Firewall - With 3 Years Essential Protection Service Suite
Price
39449.03
Learn more
Sonicwall NSsp 13700 High End Firewall - Essential Edition With 1 Year Total Secure
Price
39449.03
Learn more
Sonicwall NSsp 13700 High End Firewall Advanced Edition - Security Appliance
Price
39449.03
Learn more
SonicWall NSsp 10700 - Advanced Edition - Security Appliance
Price
39449.03
Learn more
SonicWall NSsp 10700 - Essential Edition - Security Appliance
Price
39449.03
Learn more
SonicWall NSsp 10700 - Security Appliance - With 3 Years Essential Protection Service Suite
Price
39449.03
Learn more
SonicWall NSsp 11700 - Essential Edition - Security Appliance
Price
39449.03
Learn more
SonicWall NSsp 11700 - Security Appliance - With 3 Years Essential Protection Service Suite
Price
39449.03
Learn more
Sonicwall NSsp 15700 High End Firewall - Security Appliance
Price
39449.03
Learn more
SonicWall NSsp 12400 Security Appliance
Price
39449.03
Learn more
OS Features

SonicOS Feature Summary

Firewall NSSP 12800

Firewall Stateful packet inspection
Reassembly-Free Deep Packet Inspection
DDoS attack protection (UDP/ICMP/SYN flood)
IPv4/IPv6
Biometric authentication for remote access
DNS proxy
REST APIs
TLS/SSL/SSH decryption and inspection Deep packet inspection for TLS/SSL/SSH
Inclusion/exclusion of objects, groups or hostnames
TLS/SSL control
Granular DPI SSL controls per zone or rule
Capture advanced threat protection Real-Time Deep Memory Inspection
Cloud-based multi-engine analysis
Virtualized sandboxing
Hypervisor level analysis
Full system emulation
Broad file type examination
Automated and manual submission
Real-time threat intelligence updates
Block until verdict
Capture Client
Intrusion prevention Signature-based scanning
Automatic signature updates
Bi-directional inspection
Granular IPS rule capability
GeoIP enforcement
Botnet filtering with dynamic list
Regular expression matching
Anti-malware Stream-based malware scanning
Gateway anti-virus
Gateway anti-spyware
Bi-directional inspection
No file size limitation
Cloud malware database
Application identification Application control
Application bandwidth management
Custom application signature creation
Data leakage prevention
Application reporting over NetFlow/IPFIX
Comprehensive application signature database
Traffic visualization and analytics User activity
Application/bandwidth/threat usage
Web content filtering URL filtering
Proxy avoidance
Keyword blocking
HTTP header insertion
Bandwidth manage CFS rating categories
Unified policy model with app control
Content Filtering Client
VPN Auto-provision VPN
IPSec VPN for site-to-site connectivity
SSL VPN and IPSec client remote access
Redundant VPN gateway
Mobile Connect for iOS, Mac OS X, Windows, Chrome, Android and Kindle Fire
Route-based VPN (OSPF, RIP, BGP)
Networking PortShield
Jumbo frames
Enhanced logging
VLAN trunking
RSTP (Rapid Spanning Tree Protocol)
Port mirroring
Port security
Layer-2 QoS
Dynamic routing (RIP/OSPF/BGP)
Policy-based routing
NAT
DNS/DNS proxy
DHCP server
Wireless WIDS/WIPS
RF spectrum analysis
Rogue AP prevention
Fast roaming (802.11k/r/v)
Floor plan view/Topology view
Band steering
Beamforming
AirTime fairness
MiFi extender
Guest cyclic quota
LHM guest portal
VoIP Granular QoS control
Bandwidth management
SIP and H.323 transformations per access rule
H.323 gatekeeper and SIP proxy support
Management and monitoring GMS, Web, UI, CLI, REST APIs,SNMPv2/v3
Logging
Netflow/IPFix exporting
Cloud-based configuration backup
BlueCoat Security Analytics Platform
SonicWall access point management
Storage Logs
Reports
Firmware backups

RFDPI ENGINE

Reassembly-Free Deep Packet Inspection (RFDPI) This high-performance, proprietary and patented inspection engine performs stream-based, bi-directional traffic analysis,without proxying or buffering, to uncover intrusion attempts and malware and to identify application traffic regardless ofport.
Bi-directional inspection Scans for threats in both inbound and outbound traffic simultaneously to ensure that the network is not used to distribute malware and does not become a launch platform for attacks in case an infected machine is brought inside.
Stream-based inspection Proxy-less and non-buffering inspection technology provides ultra-low latency performance for DPI of millions ofsimultaneous network streams without introducing file and stream size limitations, and can be applied on commonprotocols as well as raw TCP streams.
Highly parallel and scalable The unique design of the RFDPI engine works with the multi-core architecture to provide high DPI throughput andextremely high new session establishment rates to deal with traffic spikes in demanding networks.
Single-pass inspection A single-pass DPI architecture simultaneously scans for malware, intrusions and application identification, drasticallyreducing DPI latency and ensuring that all threat information is correlated in a single architecture.

FIREWALL AND NETWORKING

REST APIs Allows the firewall to receive and leverage any and all proprietary, original equipment manufacturer and third-partyintelligence feeds to combat advanced threats such as zero-day, malicious insider, compromised credentials, ransomwareand advanced persistent threats.
Stateful packet inspection All network traffic is inspected, analyzed and brought into compliance with firewall access policies.
High availability/clustering The NSsp series supports Active/Passive (A/P) with state synchronization, Active/Active (A/A) DPI and Active/Activeclustering high availability modes. Active/Active DPI offloads the deep packet inspection load to cores on the passive appliance to boost throughput.
DDoS/DoS attack protection SYN flood protection provides a defense against DoS attacks using both Layer 3 SYN proxy and Layer 2 SYN blacklisting technologies. Additionally, it protects against DoS/DDoS through UDP/ICMP flood protection and connection rate limiting.
IPv6 support Internet Protocol version 6 (IPv6) is in its early stages to replace IPv4. With SonicOS, the hardware will support filtering and wire mode implementations.
Flexible deployment options The NSsp series can be deployed in traditional NAT, Layer 2 bridge, wire and network tap modes
WAN load balancing Load-balances multiple WAN interfaces using Round Robin, Spillover or Percentage methods.
Advanced quality of service (QoS) Guarantees critical communications with 802.1p, DSCP tagging, and remapping of VoIP traffic on the network.
H.323 gatekeeper and SIP proxy support Blocks spam calls by requiring that all incoming calls are authorized and authenticated by H.323 gatekeeper or SIP proxy.
Biometric authentication Supports mobile device authentication such as fingerprint recognition that cannot be easily duplicated or shared to securely authenticate the user identity for network access.
Open authentication and social login Enable guest users to use their credentials from social networking services such as Facebook, Twitter, or Google+ to sign in and access the Internet and other guest services through a host's wireless, LAN or DMZ zones using pass-through authentication.

MANAGEMENT AND REPORTING

Global Management System (GMS) Configuration and management of SonicWall appliances is available on-premises using SonicWall Global Management System (GMS).
Powerful single device management An intuitive web-based interface allows quick and convenient configuration, in addition to a comprehensive command-line interface and support for SNMPv2/3.
IPFIX/NetFlow application flow reporting Exports application traffic analytics and usage data through IPFIX or NetFlow protocols for real-time and historical monitoring and reporting with tools such as SonicWall Analytics or other tools that support IPFIX and NetFlow with extensions.

VIRTUAL PRIVATE NETWORKING (VPN)

Auto-provision VPN Simplifies and reduces complex distributed firewall deployment down to a trivial effort by automating the initial site-to-site VPN gateway provisioning between SonicWall firewalls while security and connectivity occurs instantly and automatically.
IPSec VPN for site-to-site connectivity High-performance IPSec VPN allows the NSsp series to act as a VPN concentrator for thousands of other large sites, branch offices or home offices.
SSL VPN or IPSec client remote access Utilizes clientless SSL VPN technology or an easy-to-manage IPSec client for easy access to email, files, computers, intranet sites and applications from a variety of platforms.
Redundant VPN gateway When using multiple WANs, a primary and secondary VPN can be configured to allow seamless, automatic failover and failback of all VPN sessions
Route-based VPN The ability to perform dynamic routing over VPN links ensures continuous uptime in the event of a temporary VPN tunnel failure, by seamlessly re-routing traffic between endpoints through alternate routes.

CONTENT/CONTEXT AWARENESS

User activity tracking User identification and activity are made available through seamless AD/LDAP/Citrix1/Terminal Services1 SSO integration combined with extensive information obtained through DPI.
GeoIP country traffic identification Identifies and controls network traffic going to or coming from specific countries to either protect against attacks from known or suspected origins of threat activity, or to investigate suspicious traffic originating from the network. Ability to create custom country and Botnet lists to override an incorrect country or Botnet tag associated with an IP address. Eliminates unwanted filtering of IP addresses due to misclassification.
Regular expression DPI filtering Prevents data leakage by identifying and controlling content crossing the network through regular expression matching.Provides the ability to create custom country and Botnet lists to override an incorrect country or Botnet tag associated with an IP address.

Works Best Together With

^Top