The SonicWALL® Network Security Appliance (NSA) 2400 is a Unified Threat Management platform for small- to medium-sized businesses and branch sites requiring capacity and performance. The NSA 2400 integrates dual-core hardware, SonicWALL Reassembly-Free Deep Packet Inspection™, intrusion prevention, application control, and SSL VPN, for real-time protection without compromising performance.
Features
Unified Threat Management.
The NSA 2400 provides application control, gateway anti-malware, intrusion prevention and Web content filtering on a high performance platform through its unified and simple management interface. This powerful combination ensures state-of-the-art security at a low total cost of ownership.
Application Intelligence.
SonicWALL provides real-time insight and control of network traffic broken down by applications, users and content through intuitive on-board visualization. The ability to prioritize important applications, throttle down unproductive applications and block unwanted application components ensures an efficient and safe network.
WAN Acceleration.
The WAN Acceleration Appliance (WXA) Series provides WAN Acceleration to reduce application latency, conserve bandwidth and significantly optimize WAN performance. The WXA Series appliances are provisioned, managed and controlled by existing SonicWALL E-Class Network Security Appliance (NSA), NSA and TZ Series appliances for optimal ease of use and simplified deployment.
Gateway Anti-Malware.
Gateway anti-virus and anti-spyware provide high performance protection against millions of unique pieces of malware with near zero latency and no file size limitation. This provides a first layer of defense and stops malware before it can reach systems on your network.
Intrusion prevention.
Tightly integrated, signature based network intrusion prevention protects against a comprehensive array of network and application layer threats by scanning packet payloads for attacks and exploits targeting critical internal systems.
SonicWALL Mobile Connect™
SonicWALL® Mobile Connect™, a single unified client app for iOS, provides Apple® iPad®, iPhone®, and iPod touch® users full network-level access to corporate and academic resources over encrypted SSL VPN connections.
Virtual Private Networking.
High-performance Virtual Private Networks (VPNs) easily scale to thousands of end points and branch offices. And SonicWALL Clean VPN™ technology protects the integrity of both your IPSec and SSL VPN traffic, securing your remote access tunnels and decontaminating the traffic running over it.
High performance.
SonicWALL’s patented Reassembly-Free Deep Packet Inspection engine combined with the NSA 2400’s dual-core security platform is capable of inspecting hundreds of thousands of connections simultaneously across all ports. With nearly zero latency and without file size limitations, the system provides 150 Mbps of Deep Packet Inspection across 6 GbE copper interfaces.
Specifications
Firewall Overview
| Feature | Value |
| Deep Packet Inspection Firewall | Optional |
| Stateful Packet Inspection Firewall | Standard |
| Unlimited File Size Protection | Standard |
| Protocols Scanned | 50+ |
| ICSA Firewall Certified | Standard |
Security Services Included
| Feature | Value |
| Application Intelligence and Control | Optional |
| Intrusion Prevention | Optional |
| Gateway Anti-Virus and Anti-Spyware | Optional |
| Enforced Client Anti-Virus and Anti-Spyware | Optional |
| Content & URL Filtering (CFS) | Optional |
| Analyzer Reporting | Optional |
| Comprehensive Anti-Spam Service | Optional |
| SSL Inspection (DPI-SSL) | Optional |
Support Services
| Feature | Value |
| Dynamic Support 8×5 | 90 Days |
| Dynamic Support 24×7 | Optional |
Firewall General
| Feature | Value |
| Interfaces | (6) 10/100/ 1000 Copper Gigabit Ports, 1 Console Interface, 2 USB |
| Management | CLI, SSH, GUI, GMS |
| Certifications | EAL4+, VPNC, ICSA Firewall 4.1, FIPS 140-2 |
| Nodes Supported | Unrestricted |
| RAM | 512 MB |
| Flash Memory | 512 MB |
| Site-to-Site VPN Tunnels | 75 |
| Global VPN Clients (Maximum) | 10 (250) |
| SSL VPN NetExtender Clients (Maximum) | 2 (25) |
| Unique Malware Threats Blocked | 1,000,000+ |
| Virtual Assist Technicians (Maximum) | 1 (5) |
| VLAN Interfaces | 25 |
| SonicPoints | 31 |
Performance
| Feature | Value |
| Stateful Throughput | 775 Mbps |
| DPI Performance | 150 Mbps |
| Gateway Anti-Virus Throughput | 160 Mbps |
| Intrusion Prevention Throughput | 275 Mbps |
| IMIX Performance | 235 Mbps |
| 3DES/AES VPN Throughput | 300 Mbps |
| Maximum Connections | 225000 |
| Maximum UTM Connections | 125000 |
| New Connections per Second | 4000 |
Features
| Feature | Value |
| Logging | IPFIX, Netflow, Analyzer, Local Log, Syslog |
| Network Traffic Visualization | Standard |
| Netflow/IPFIX Reporting | Standard |
| SNMP | Standard |
| Authentication | XAUTH/ RADIUS, Active Directory, SSO, LDAP, Terminal Services, Citrix, Internal User Database |
| Single Sign-On | Standard |
| Voice over IP (VoIP) Security | Standard |
| PortShield Security | n/a |
| Dynamic Routing | OSPF, RIP |
| Policy-based Routing | Standard |
| Route-based VPN | Standard |
| Dynamic Bandwidth Management | Standard |
| 802.11n Wireless Support via SonicPoints | Standard |
| Integrated Wireless Switch & Controller | Standard |
| Layer 2 Wireless Bridging | Standard |
| Stateful High Availability | Standard |
| Multi-WAN | Standard |
| Load Balancing | Standard |
| Object-based Management | Standard |
| Policy-based NAT | Standard |
| Inbound Load Balancing | Standard |
| IKEv2 VPN | Standard |
| Terminal Services Authentication/Citrix Support | Standard |
| Onboard Quality of Service (QoS) | Standard |
| SSL Control | Standard |
| IPv6 | Standard |
Failover
| Feature | Value |
| Hardware Failover | Optional Active/ Passive with State Sync |
| Multi-WAN Failover | Standard |
| Automated Failover/Failback | Standard |
| Analog Modem Failover | Standard |
| 3G Cellular Modem Failover | Standard |